Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflow Vulnerability
BID:23936
Info
| Bugtraq ID: | 23936 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-1689 |
| Remote: | Yes |
| Local: | No |
| Published: | May 16 2007 12:00AM |
| Updated: | Nov 02 2007 11:56PM |
| Credit: | Will Dormann of the CERT Coordination Center is credited with the discovery of this vulnerability |
| Vulnerable: | Symantec Norton Personal Firewall 2004, Symantec Norton Internet Security 2004 |
| Not Vulnerable: | |
Discussion
Symantec Norton Personal Firewall ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
A successful attack would corrupt process memory, allowing arbitrary code to run in the context of the client application using the affected ActiveX control (typically Internet Explorer).
Exploit / POC
UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following Metasploit exploit is available:
Solution / Fix
Solution:
The vendor released updates and an advisory to address this issue. Symantec LiveUpdate will install these updates. Please see the references for more information.
References
References:
- Microsoft Knowledge Base Article 240797 (Microsoft)
- Norton Internet Security Homepage (Symantec)
- Norton Personal Firewall Homepage (Symantec)
- SYM07-007: Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflo (Symantec)
- Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnera (Symantec Product Security Team)
- Vulnerability Note VU#983953 (US-CERT)