Symantec on Wednesday patched a vulnerability in Norton Personal Firewall 2004 and Norton Internet Security 2004 that can be exploited for remote code execution.The anti-virus giant advised users to employ LiveUpdate to patch the buffer overflow vulnerability in an ActiveX control used by the two programs.
CERT had notified Symantec of the vulnerability [WHEN], which occurs in the Get() and Set() functions used by ISAlertDataCOM, a function of ISALERT.DLL.
Symantec and US-CERT warned today that for successful exploitation, an attacker must dupe the victim into visiting a malicious website and clicking on a malicious document.
Symantec, in an advisory released on Wednesday, ranked the flaw’s risk impact as "medium." A Symantec spokesman today referred questions to the advisory.
Secunia reported in an advisory released today that researcher Will Dorman of CERT/CC discovered the flaw, which can be exploited to cause a stack-based buffer overflow via an overly long argument.
Secunia ranked the flaw as "highly critical," meaning it can be exploited from a remote location.
FrSIRT yesterday rated the vulnerability as "critical."