CVE-2007-2955 Information
Description
Multiple unspecified \input validation error\ vulnerabilities in multiple ActiveX controls in NavComUI.dll as used in multiple Norton AntiVirus Internet Security and System Works products for 2006 allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA.
Reference
http://secunia.com/advisories/25215 http://secunia.com/secunia_research/2007-53/advisory/ http://www.securityfocus.com/bid/24983 http://www.securitytracker.com/id?1018545 http://www.securitytracker.com/id?1018546 http://www.securitytracker.com/id?1018547 http://www.symantec.com/avcenter/security/Content/2007.08.09.html http://www.vupen.com/english/advisories/2007/2822 https://exchange.xforce.ibmcloud.com/vulnerabilities/35944
Share on: