CVE-2006-6490

Name of the Vulnerable Software and Affected Versions: Symantec Automated Support Assistant (affected versions not specified) Norton AntiVirus (affected versions not specified) Norton Internet Security (affected versions not specified) Norton System Works 2006 (affected versions not specified)

Description: The issue is related to multiple buffer overflows in the SupportSoft ActiveX controls, specifically in the SmartIssue and ScriptRunner components. This allows remote attackers to execute arbitrary code via a crafted HTML message.

Recommendations: For Symantec Automated Support Assistant, update to a version that includes the fix for the buffer overflows in the SmartIssue and ScriptRunner ActiveX controls. For Norton AntiVirus, update to a version that includes the fix for the buffer overflows in the SmartIssue and ScriptRunner ActiveX controls. For Norton Internet Security, update to a version that includes the fix for the buffer overflows in the SmartIssue and ScriptRunner ActiveX controls. For Norton System Works 2006, update to a version that includes the fix for the buffer overflows in the SmartIssue and ScriptRunner ActiveX controls. As a temporary workaround, consider disabling the tgctlsi.dll and tgctlsr.dll ActiveX controls until a patch is available.