CVE-1999-1380
First published: Sun May 04 1997(Updated: )
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Utilities | =2.0 | |
| =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1380?
CVE-1999-1380 is considered a high severity vulnerability due to the potential for remote code execution.
How do I fix CVE-1999-1380?
To fix CVE-1999-1380, users should upgrade to a newer version of Symantec Norton Utilities that does not include the vulnerable TUNEOCX.OCX ActiveX control.
What specific software versions are affected by CVE-1999-1380?
CVE-1999-1380 specifically affects Symantec Norton Utilities version 2.0 for Windows 95.
Can CVE-1999-1380 be exploited through web browsers?
Yes, CVE-1999-1380 can be exploited through web browsers, particularly Internet Explorer 3.0, by using malicious web pages.
What type of attack is enabled by CVE-1999-1380?
CVE-1999-1380 allows remote attackers to execute arbitrary commands on the victim's system.
- collector/nvd-historical
- vendor/symantec
- product/norton utilities
- canonical/symantec norton utilities
- collector/nvd-index
- agent/author
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/remedy
- agent/severity
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- version/symantec norton utilities/2.0