Vulnerabilities > CVE-2006-6490
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 | |
| Application | 4 |
Saint
| bid | 22564 |
| description | SupportSoft tgctlsi.dll ActiveX control buffer overflow |
| id | misc_av_supportsofttgax |
| osvdb | 33481 |
| title | supportsoft_activex |
| type | client |
References
- http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html
- http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478
- http://osvdb.org/33481
- http://osvdb.org/33481
- http://osvdb.org/33482
- http://osvdb.org/33482
- http://secunia.com/advisories/24246
- http://secunia.com/advisories/24246
- http://secunia.com/advisories/24251
- http://secunia.com/advisories/24251
- http://www.kb.cert.org/vuls/id/441785
- http://www.kb.cert.org/vuls/id/441785
- http://www.securityfocus.com/archive/1/461147/100/0/threaded
- http://www.securityfocus.com/archive/1/461147/100/0/threaded
- http://www.securityfocus.com/bid/22564
- http://www.securityfocus.com/bid/22564
- http://www.securitytracker.com/id?1017688
- http://www.securitytracker.com/id?1017688
- http://www.securitytracker.com/id?1017689
- http://www.securitytracker.com/id?1017689
- http://www.securitytracker.com/id?1017690
- http://www.securitytracker.com/id?1017690
- http://www.securitytracker.com/id?1017691
- http://www.securitytracker.com/id?1017691
- http://www.symantec.com/avcenter/security/Content/2007.02.22.html
- http://www.symantec.com/avcenter/security/Content/2007.02.22.html
- http://www.vupen.com/english/advisories/2007/0703
- http://www.vupen.com/english/advisories/2007/0703
- http://www.vupen.com/english/advisories/2007/0704
- http://www.vupen.com/english/advisories/2007/0704
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32636
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32636