PT-2007-5172 · Norman · Norman Antivirus

Published

2007-07-24

Updated

2018-10-15

CVE-2007-3952

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Norman Antivirus versions prior to 5.91.02

Description: The issue concerns the OLE2 parsing in Norman Antivirus, which allows remote attackers to bypass malware detection. This is achieved through a crafted DOC file, resulting from an "integer cast around".

Recommendations: For versions prior to 5.91.02, update to version 5.91.02 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3952

Affected Products

Norman Antivirus

PT-2007-5172 · Norman · Norman Antivirus

CVE-2007-3952

Related Identifiers

Affected Products

References · 10