CVE-2008-0313
First published: Tue Apr 08 2008(Updated: )
The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Internet Security | =2008 | |
| Symantec Norton AntiVirus | =2008 | |
| Symantec Norton Internet Security | =2007 | |
| Symantec Norton AntiVirus | =2007 | |
| Symantec System Works | =2006 | |
| Symantec System Works | =2007 | |
| Symantec Norton AntiVirus | =2006 | |
| Symantec System Works | =2008 | |
| Symantec Norton Internet Security | =2006 | |
| Symantec Norton 360 | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=678
- http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html
- http://www.securityfocus.com/bid/28509
- http://www.securitytracker.com/id?1019751
- http://www.securitytracker.com/id?1019752
- http://www.securitytracker.com/id?1019753
- http://secunia.com/advisories/29660
- http://www.vupen.com/english/advisories/2008/1077/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41631
- collector/nvd-historical
- collector/nvd-index
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/type
- agent/event
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec norton internet security
- version/symantec norton internet security/2008
- canonical/symantec norton antivirus
- version/symantec norton antivirus/2008
- version/symantec norton internet security/2007
- version/symantec norton antivirus/2007
- canonical/symantec system works
- version/symantec system works/2006
- version/symantec system works/2007
- version/symantec norton antivirus/2006
- version/symantec system works/2008
- version/symantec norton internet security/2006
- canonical/symantec norton 360
- version/symantec norton 360/1.0