Vulnerabilities > Symantec > Norton System Works > Critical

DATE CVE VULNERABILITY TITLE RISK
2008-04-08 CVE-2008-0312 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method.
network
microsoft symantec CWE-119
critical
9.3
2007-10-05 CVE-2007-0447 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
network
symantec CWE-119
critical
9.3
2007-10-05 CVE-2007-3699 Remote vulnerability in Symantec AntiVirus Malformed CAB and RAR Compression
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
network
symantec
critical
9.3
2007-02-22 CVE-2006-6490 Remote Buffer Overflow vulnerability in SupportSoft ActiveX Controls
Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
network
low complexity
supportsoft symantec
critical
10.0