Lucene search

[email protected]CVE-2004-0364

HistoryApr 15, 2004 - 4:00 a.m.

CVE-2004-0364

2004-04-1504:00:00

[email protected]

web.nvd.nist.gov

norton internet security

2004

wrapnisum

activex

remote code execution

cve-2004-0364

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.561 Medium

EPSS

Percentile

97.7%

JSON

The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.

Affected configurations

NVD

Node

symantecnorton_internet_securityMatch2004

symantecnorton_internet_securityMatch2004professional

CPENameOperatorVersion
symantec:norton_internet_securitysymantec norton internet securityeq2004

CPE	Name	Operator	Version
symantec:norton_internet_security	symantec norton internet security	eq	2004

References

marc.info/?l=bugtraq&m=107970885922442&w=2

marc.info/?l=bugtraq&m=107980262324362&w=2

secunia.com/advisories/11168

www.kb.cert.org/vuls/id/549054

www.nextgenss.com/advisories/nisrce.txt

www.sarc.com/avcenter/security/Content/2004.03.19.html

www.securityfocus.com/bid/9915

exchange.xforce.ibmcloud.com/vulnerabilities/15538

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.561 Medium

EPSS

Percentile

97.7%

JSON

Related for CVE-2004-0364

cert1 cvelist1 nvd1 checkpoint_advisories1