Symantec AutoFix Support Tool 'SYMADATA.DLL' ActiveX Control Remote Buffer Overflow Vulnerability
Severity: MEDIUM
CVE Identifier: CVE-2008-0313
Advisory Date: FEB 15, 2011
DESCRIPTION
Symantec AutoFix Support Tool ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
NOTE: To exploit this issue, an attacker must entice an unsuspecting victim to to visit a malicious website masquerading as a trusted Symantec site.
This issue affects 'SYMADATA.DLL' 2.7.0.1 ActiveX control, which is part of the following Symantec products:
Norton 360 1.0
Norton AntiVirus 2006-2008
Norton Internet Security 2006-2008
Norton System Works 2006-2008
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1002362
Trend Micro Deep Security DPI Rule Name: 1002362 - Microsoft Internet Explorer Symantec Autofix Tool ActiveX Buffer Overflow
AFFECTED SOFTWARE AND VERSION
- Symantec Norton 360 1.0
- Symantec Norton AntiVirus 2006
- Symantec Norton Antivirus 2007 0
- Symantec Norton Antivirus 2008 0
- Symantec Norton Internet Security 2006 0
- Symantec Norton Internet Security 2007 0
- Symantec Norton Internet Security 2008 0
- Symantec Norton SystemWorks 2006 0
- Symantec Norton SystemWorks 2007 0
- Symantec Norton SystemWorks 2008 0