PT-1997-1230 · Microsoft+1 · Internet Explorer+3

Publicado

1997-05-04

Atualizado

2008-09-05

CVE-1999-1380

CVSS v2.0

5.1

Média

Vetor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Symantec Norton Utilities version 2.0 for Windows 95

Description The issue allows remote attackers to execute arbitrary commands via malicious web pages accessed by browsers such as Internet Explorer 3.0, because the TUNEOCX.OCX ActiveX control is marked as safe for scripting.

Recommendations For Symantec Norton Utilities version 2.0 for Windows 95, consider disabling the TUNEOCX.OCX ActiveX control as a temporary workaround until a patch is available. Restrict access to malicious web pages to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-1999-1380

Produtos afetados

Internet Explorer

Symantec Norton Utilities

Tuneocx.Ocx Activex Control

Windows 95

PT-1997-1230 · Microsoft+1 · Internet Explorer+3

CVE-1999-1380

Identificadores relacionados

Produtos afetados

Referências · 5