CVE-2006-6490: Buffer Overflow
First published: Thu Feb 22 2007(Updated: )
Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Supportsoft Scriptrunner | ||
| Supportsoft Smartissue | ||
| Symantec Norton System Works | =2006 | |
| Symantec Norton AntiVirus | =2006 | |
| Symantec Norton Internet Security | =2006 | |
| Symantec Automated Support Assistant |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478
- http://www.symantec.com/avcenter/security/Content/2007.02.22.html
- http://www.kb.cert.org/vuls/id/441785
- http://www.securityfocus.com/bid/22564
- http://www.securitytracker.com/id?1017688
- http://www.securitytracker.com/id?1017689
- http://www.securitytracker.com/id?1017690
- http://www.securitytracker.com/id?1017691
- http://secunia.com/advisories/24246
- http://secunia.com/advisories/24251
- http://osvdb.org/33481
- http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html
- http://osvdb.org/33482
- http://www.vupen.com/english/advisories/2007/0703
- http://www.vupen.com/english/advisories/2007/0704
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32636
- http://www.securityfocus.com/archive/1/461147/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/supportsoft
- canonical/supportsoft scriptrunner
- canonical/supportsoft smartissue
- vendor/symantec
- canonical/symantec norton system works
- version/symantec norton system works/2006
- canonical/symantec norton antivirus
- version/symantec norton antivirus/2006
- canonical/symantec norton internet security
- version/symantec norton internet security/2006
- canonical/symantec automated support assistant