Vulnerability Details CVE-2003-0470
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.177
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006014.html
- http://marc.info/?l=bugtraq&m=105647537823877&w=2
- http://secunia.com/advisories/9091
- http://securitytracker.com/id?1007029
- http://www.kb.cert.org/vuls/id/527228
- http://www.securityfocus.com/bid/8008
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12423
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006014.html
- http://marc.info/?l=bugtraq&m=105647537823877&w=2
- http://secunia.com/advisories/9091
- http://securitytracker.com/id?1007029
- http://www.kb.cert.org/vuls/id/527228
- http://www.securityfocus.com/bid/8008
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12423
Products affected by CVE-2003-0470
-
cpe:2.3:a:symantec:security_check:-