Norton_internet_security - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Norton_internet_security
(Symantec)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	40

Date	Id	Summary	Products	Score	Patch	Annotated
2007-05-16	CVE-2007-1689	Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.	Norton_internet_security, Norton_personal_firewall	N/A
2007-03-16	CVE-2007-1476	The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.	Client_security, Norton_antispam, Norton_antivirus, Norton_internet_security, Norton_personal_firewall, Norton_system_works	N/A
2007-10-05	CVE-2007-0447	Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.	Antivirus_scan_engine, Brightmail_antispam, Client_security, Gateway_security_5000_series, Gateway_security_5400, Mail_security, Mail_security_8820_appliance, Norton_antivirus, Norton_internet_security, Norton_personal_firewall, Norton_system_works, Symantec_antivirus_filtering_\+for_domino, Web_security	N/A
2007-02-22	CVE-2006-6490	Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.	Scriptrunner, Smartissue, Automated_support_assistant, Norton_antivirus, Norton_internet_security, Norton_system_works	N/A
2006-10-18	CVE-2006-5404	Unspecified vulnerability in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to obtain sensitive information via unspecified vectors.	Automated_support_assistant, Norton_antivirus, Norton_internet_security, Norton_system_works	N/A
2006-10-18	CVE-2006-5403	Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.	Automated_support_assistant, Norton_antivirus, Norton_internet_security, Norton_system_works	N/A
2006-09-19	CVE-2006-4855	The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.	Client_security, Host_ids, Norton_antivirus, Norton_internet_security, Norton_personal_firewall, Norton_system_works, Pcanywhere	N/A
2007-05-11	CVE-2006-3456	The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX...	Norton_antivirus, Norton_internet_security, Norton_system_works	N/A
2006-04-19	CVE-2006-1836	Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.	Liveupdate, Norton_antivirus, Norton_internet_security, Norton_personal_firewall, Norton_system_works, Norton_utilities	N/A
2005-05-02	CVE-2005-1346	Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.	Antivirus_scan_engine, Mail_security, Norton_antivirus, Norton_internet_security, Norton_system_works, Symav_filter_domino_nt, Web_security	N/A