CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1517

Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/34696
http://www.securitytracker.com/id?1022120
http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/50098
https://www.exploit-db.com/exploits/8523
http://www.securityfocus.com/bid/34696
http://www.securitytracker.com/id?1022120
http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/50098
https://www.exploit-db.com/exploits/8523

Products affected by CVE-2009-1517

Symantec » Norton Ghost » Version: 14.0

cpe:2.3:a:symantec:norton_ghost:14.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1517

Products

Pricing

Contact Us