Vulnerability Description
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton Internet Security | 2004 |
| Symantec | Norton Personal Firewall | 2004 |
References
- http://osvdb.org/36164
- http://secunia.com/advisories/25290Vendor Advisory
- http://www.kb.cert.org/vuls/id/983953US Government Resource
- http://www.securityfocus.com/archive/1/468779/100/0/threaded
- http://www.securityfocus.com/bid/23936
- http://www.securitytracker.com/id?1018073
- http://www.symantec.com/avcenter/security/Content/2007.05.16.htmlPatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/1843
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34328
- http://osvdb.org/36164
- http://secunia.com/advisories/25290Vendor Advisory
- http://www.kb.cert.org/vuls/id/983953US Government Resource
- http://www.securityfocus.com/archive/1/468779/100/0/threaded
- http://www.securityfocus.com/bid/23936
- http://www.securitytracker.com/id?1018073
FAQ
What is CVE-2007-1689?
CVE-2007-1689 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments ...
How severe is CVE-2007-1689?
CVE-2007-1689 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1689?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Norton Internet Security, Symantec Norton Personal Firewall.