PT-2010-1927 · Symantec · Norton Internet Security+5
Published
2010-02-23
·
Updated
2018-10-10
·
CVE-2010-0107
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Symantec N360 versions 1.0 through 2.0
Norton Internet Security versions 2006 through 2008
Norton AntiVirus versions 2006 through 2008
Norton SystemWorks versions 2006 through 2008
Norton Confidential versions 2006 through 2008
Symantec Client Security versions 3.0.x through 3.1.x before MR9
Description
The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors, but only if the attacker can masquerade as an authorized site.
Recommendations
For Symantec N360 versions 1.0 through 2.0, update to a version outside of the affected range.
For Norton Internet Security versions 2006 through 2008, update to a version outside of the affected range.
For Norton AntiVirus versions 2006 through 2008, update to a version outside of the affected range.
For Norton SystemWorks versions 2006 through 2008, update to a version outside of the affected range.
For Norton Confidential versions 2006 through 2008, update to a version outside of the affected range.
For Symantec Client Security versions 3.0.x through 3.1.x before MR9, update to version 3.1 MR9 or later.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Norton Antivirus
Norton Confidential
Norton Internet Security
Norton Systemworks
Symantec Client Security
Symantec N360