Symantec.NavComUI.ActiveX.Control.Remote.Code.Execution
Description
This indicates an attempt to exploit a remote Code Execution vulnerability that is present in multiple Symantec products.
The vulnerability is caused by the improper handling of the "AnomalyList" and "Anomaly" properties, by the "AxSysListView32" and "AxSysListView32OAA" ActiveX controls in "NavComUI.dll". It could allow a remote attacker to execute arbitrary code on a vulnerable system.
Affected Products
Symantec Norton System Works 2006
Symantec Norton Internet Security 2006
Symantec Norton Internet Security 2005 Anti Spyware Edition
Symantec Norton AntiVirus 2006
Impact
System compromise: Arbitrary code execution.
Recommended Actions
The vendor has released fixes to address these issues, which are available via LiveUpdate in Interactive Mode.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |