ID |
CVE-2006-6490
|
Summary |
Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:supportsoft:scriptrunner:*:*:*:*:*:*:*:*
cpe:2.3:a:supportsoft:scriptrunner:*:*:*:*:*:*:*:*
-
cpe:2.3:a:supportsoft:smartissue:*:*:*:*:*:*:*:*
cpe:2.3:a:supportsoft:smartissue:*:*:*:*:*:*:*:*
-
cpe:2.3:a:symantec:automated_support_assistant:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:automated_support_assistant:*:*:*:*:*:*:*:*
-
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
-
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
-
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
|
CVSS |
Base: | 10.0 (as of 17-10-2018 - 21:48) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | 22564 | bugtraq | - 20070223 Re: Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support
- 20070223 Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support
| cert-vn | VU#441785 | confirm | http://www.symantec.com/avcenter/security/Content/2007.02.22.html | idefense | 20070222 Multiple Vendor SupportSoft SmartIssue ActiveX Control Buffer Overflow Vulnerability | osvdb | | sectrack | - 1017688
- 1017689
- 1017690
- 1017691
| secunia | | vupen | - ADV-2007-0703
- ADV-2007-0704
| xf | supportsoft-activex-multiple-bo(32636) |
|
saint
via4
|
bid | 22564 | description | SupportSoft tgctlsi.dll ActiveX control buffer overflow | id | misc_av_supportsofttgax | osvdb | 33481 | title | supportsoft_activex | type | client |
|
Last major update |
17-10-2018 - 21:48 |
Published |
22-02-2007 - 21:28 |
Last modified |
17-10-2018 - 21:48 |