CVE-2004-0364 Information

Description

The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting which allows remote attackers to execute arbitrary programs via the LaunchURL method.

Reference

http://marc.info/?l=bugtraq&m=107970885922442&w=2 http://marc.info/?l=bugtraq&m=107980262324362&w=2 http://secunia.com/advisories/11168 http://www.kb.cert.org/vuls/id/549054 http://www.nextgenss.com/advisories/nisrce.txt http://www.sarc.com/avcenter/security/Content/2004.03.19.html http://www.securityfocus.com/bid/9915 https://exchange.xforce.ibmcloud.com/vulnerabilities/15538 norton-is-launchurl-command-execution(15538)