Vulnerabilities > Symantec > Norton Internet Security > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-24 | CVE-2007-5047 | Improper Input Validation vulnerability in Symantec Norton Internet Security 200815.0.0.60 Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. | 7.2 |
2007-05-11 | CVE-2006-3456 | Code Injection vulnerability in Symantec products The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless of whether they are marked safe for scripting. | 8.5 |
2005-02-08 | CVE-2005-0249 | Unspecified vulnerability in Symantec products Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. | 7.5 |
2004-04-15 | CVE-2004-0364 | Remote Command Execution vulnerability in Symantec Norton Internet Security 2004 The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method. | 7.5 |
2004-02-03 | CVE-2003-0994 | Unspecified vulnerability in Symantec products The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges. | 7.2 |
2002-07-26 | CVE-2002-0663 | Buffer Overflow vulnerability in Symantec Norton Personal Firewall/Internet Security 2001 Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | 7.5 |