The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
marc.info/?l=bugtraq&m=107970885922442&w=2
marc.info/?l=bugtraq&m=107980262324362&w=2
secunia.com/advisories/11168
www.kb.cert.org/vuls/id/549054
www.nextgenss.com/advisories/nisrce.txt
www.sarc.com/avcenter/security/Content/2004.03.19.html
www.securityfocus.com/bid/9915
exchange.xforce.ibmcloud.com/vulnerabilities/15538