Lucene search
SAINT CorporationSAINT:B6512D2A97B7778B7147C9CD2D19DB8FHistoryDec 24, 2008 - 12:00 a.m.
Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
2008-12-2400:00:00
SAINT Corporation
www.saintcorporation.com
8
0.941 High
EPSS
Percentile
99.2%
Added: 12/24/2008
CVE: CVE-2004-0363
BID: 9916
OSVDB: 6249
Background
Norton AntiSpam 2004, which is included in Norton Internet Security 2004, is spam filtering software.
Problem
A buffer overflow vulnerability in the SymSpamHelper ActiveX control (symspam.dll) allows command execution when a user loads a web page which calls the LaunchCustomRuleWizard method with a long, specially crafted parameter.
Resolution
Use LiveUpdate to download and install all available product updates.
References
<http://www.kb.cert.org/vuls/id/344718>
<http://www.symantec.com/avcenter/security/Content/2004.03.19.html>
<http://www.ngssoftware.com/advisories/antispam.txt>
Limitations
Exploit works on Norton Internet Security 2004.
Platforms
Windows XP
Related
cve
cve
CVE-2004-0363
2004-04-15 04:00:00
cert
cert
saint
saint
Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
2008-12-24 00:00:00
Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
2008-12-24 00:00:00
Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
2008-12-24 00:00:00
nvd
nvd
CVE-2004-0363
2004-04-15 04:00:00
cvelist
cvelist
CVE-2004-0363
2004-03-23 05:00:00
packetstorm
packetstorm
Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Norton Internet Security 2004 symspam.dll Buffer Overflow (CVE-2004-0363)
2009-10-15 00:00:00