1. Home
  2. CVE Database
  3. CVE-2006-6490
HIGH · 10.0

CVE-2006-6490

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Int...

Vulnerability Description

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
SupportsoftScriptrunnerAll versions
SupportsoftSmartissueAll versions
SymantecAutomated Support AssistantAll versions
SymantecNorton Antivirus2006
SymantecNorton Internet Security2006
SymantecNorton System Works2006

References

FAQ

What is CVE-2006-6490?

CVE-2006-6490 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Int...

How severe is CVE-2006-6490?

CVE-2006-6490 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-6490?

Check the references section above for vendor advisories and patch information. Affected products include: Supportsoft Scriptrunner, Supportsoft Smartissue, Symantec Automated Support Assistant, Symantec Norton Antivirus, Symantec Norton Internet Security.