PT-2009-3931 · Norton+1 · Norton 360+6

Published: 2009-04-29 · Updated: 2017-08-17 · CVE-2009-1428

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Symantec AntiVirus versions prior to 10.1 MR8
Symantec Endpoint Protection versions prior to 11.0 MR1
Norton 360 version 1.0
Norton Internet Security versions 2005 through 2008

Description

The issue allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to two parsing errors in the Symantec Log Viewer. This can be exploited through API endpoints, although specific endpoints are not mentioned. Vulnerable parameters or variables, such as the e-mail message, can be used to inject malicious scripts.

Recommendations

For Symantec AntiVirus versions prior to 10.1 MR8, update to version 10.1 MR8 or later.
For Symantec Endpoint Protection versions prior to 11.0 MR1, update to version 11.0 MR1 or later.
For Norton 360 version 1.0, consider upgrading to a newer version of Norton 360.
For Norton Internet Security versions 2005 through 2008, consider upgrading to a newer version of Norton Internet Security.

As a temporary workaround, consider restricting the handling of crafted e-mail messages to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2009-1428

Affected Products

Norton 360
Norton Internet Security
Symantec Antivirus
Symantec Antivirus Corporate Edition
Symantec Endpoint Protection
Symantec Endpoint Protection Client
Symantec Log Viewer