ID CVE-2004-0363
Summary Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:norton_antispam:2004
    cpe:2.3:a:symantec:norton_antispam:2004
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow. CVE-2004-0363. Remote exploit for windows platform
id EDB-ID:16595
last seen 2016-02-02
modified 2010-05-09
published 2010-05-09
reporter metasploit
source https://www.exploit-db.com/download/16595/
title Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
metasploit via4
description This module exploits a stack buffer overflow in Norton AntiSpam 2004. When sending an overly long string to the LaunchCustomRuleWizard() method of symspam.dll (2004.1.0.147) an attacker may be able to execute arbitrary code.
id MSF:EXPLOIT/WINDOWS/BROWSER/NIS2004_ANTISPAM
last seen 2019-02-27
modified 2017-10-05
published 2009-01-10
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/nis2004_antispam.rb
title Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
packetstorm via4
data source https://packetstormsecurity.com/files/download/83053/nis2004_antispam.rb.txt
id PACKETSTORM:83053
last seen 2016-12-05
published 2009-11-26
reporter MC
source https://packetstormsecurity.com/files/83053/Norton-AntiSpam-2004-SymSpamHelper-ActiveX-Control-Buffer-Overflow.html
title Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
refmap via4
bid 9916
bugtraq
  • 20040319 Norton AntiSpam Remote Buffer Overrun (#NISR19042004a)
  • 20040319 Ref: NGSSoftware Advisories NISR19042004a and NISR19042004b
cert-vn VU#344718
confirm http://www.sarc.com/avcenter/security/Content/2004.03.19.html
misc http://www.nextgenss.com/advisories/antispam.txt
secunia 11169
xf nas-launchcustomrulewizard-bo(15536)
saint via4
bid 9916
description Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow
id misc_symspam
osvdb 6249
title norton_antispam_symspam_rulewizard
type client
Last major update 17-10-2016 - 22:44
Published 15-04-2004 - 00:00
Last modified 10-07-2017 - 21:30
Back to Top