CVE-2006-6490 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-6490
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6490

Description: Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32636 ST 1017688 1017689 1017690 1017691 SAID Secunia Advisory: SA24246 Secunia Advisory: SA24251 OSVDB 33481 33482 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478 CONFIRM http://www.symantec.com/avcenter/security/Content/2007.02.22.html CERT-VN 441785 BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html http://www.securityfocus.com/archive/1/archive/1/461147/100/0/threaded BID 22564

Return to the previous page.