• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Symantec announces ActiveX vulnerability


Regular Member
My Satellite Setup
My Location
Symantec announces ActiveX vulnerability

Symantec has revealed details of a vulnerability in two ActiveX controls used in its Norton Windows antivirus software.

The vulnerability was reported by security research firm Secunia as "highly critical" and Symantec urged users to update their software immediately.

Norton AntiVirus 2006, Norton Internet Security 2006, Norton SystemWorks 2006 and Norton Internet Security 2005 AntiSpyware Edition are affected.

Symantec's corporate security software is not affected.

The problem in the ActiveX controls could allow a hacker to execute code on an affected PC.

It comes about because of an input validation error, which fails to analyse incoming data for malicious commands before executing them.

To exploit the vulnerability, hackers could send emails to users inviting them to click on a link to a website containing the exploit code, Symantec said.

Regards Satdude.