Vulnerability Details CVE-2007-1689
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.738
EPSS Ranking 98.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/36164
- http://secunia.com/advisories/25290
- http://www.kb.cert.org/vuls/id/983953
- http://www.securityfocus.com/archive/1/468779/100/0/threaded
- http://www.securityfocus.com/bid/23936
- http://www.securitytracker.com/id?1018073
- http://www.symantec.com/avcenter/security/Content/2007.05.16.html
- http://www.vupen.com/english/advisories/2007/1843
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34328
- http://osvdb.org/36164
- http://secunia.com/advisories/25290
- http://www.kb.cert.org/vuls/id/983953
- http://www.securityfocus.com/archive/1/468779/100/0/threaded
- http://www.securityfocus.com/bid/23936
- http://www.securitytracker.com/id?1018073
- http://www.symantec.com/avcenter/security/Content/2007.05.16.html
- http://www.vupen.com/english/advisories/2007/1843
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34328
Products affected by CVE-2007-1689
-
cpe:2.3:a:symantec:norton_internet_security:2004
-
cpe:2.3:a:symantec:norton_personal_firewall:2004