PT-1997-1230 · Microsoft+1 · Internet Explorer+3

Published

1997-05-04

Updated

2008-09-05

CVE-1999-1380

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Symantec Norton Utilities version 2.0 for Windows 95

Description The issue allows remote attackers to execute arbitrary commands via malicious web pages accessed by browsers such as Internet Explorer 3.0, because the TUNEOCX.OCX ActiveX control is marked as safe for scripting.

Recommendations For Symantec Norton Utilities version 2.0 for Windows 95, consider disabling the TUNEOCX.OCX ActiveX control as a temporary workaround until a patch is available. Restrict access to malicious web pages to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1380

Affected Products

Internet Explorer

Symantec Norton Utilities

Tuneocx.Ocx Activex Control

Windows 95

PT-1997-1230 · Microsoft+1 · Internet Explorer+3

CVE-1999-1380

Related Identifiers

Affected Products

References · 5