CVE-1999-1380
Summary
| CVE | CVE-1999-1380 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 1997-05-04 04:00:00 UTC |
| Updated | 2023-11-07 01:55:00 UTC |
| Description | Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Symantec | Norton Utilities | 2.0 | All | All | All |
| Application | Symantec | Norton Utilities | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDNet |UK| - News - Story - ActiveX script for disaster highlights IE security flaw | MISC | news.zdnet.co.uk | Vendor Advisory |
| ZDNet |UK| - News - Story - ActiveX script for disaster highlights IE security flaw | news.zdnet.co.uk | ||
| ISS X-Force Database: nu-tuneocx-activex-control (7188): Norton Utilities for Windows 95 `tuneocx.ocx` ActiveX control could allow remote command execution | XF | www.iss.net | |
| Windows 95 List May 1997 Archives: Norton/Microsoft Security Breach (Long) (fwd) | MISC | mlarchive.ima.com | Patch, Vendor Advisory |
| www.net-security.sk/bugs/NT/nu20.html | MISC | www.net-security.sk | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.