CVE-2004-0363

Name: CVE-2004-0363
Creator: NVD / NIST
Published: 2004-04-15T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 66.57%

Last modified Jun 16, 2026

CVE-2004-0363 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.. EPSS estimates a 66.57% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.

Metrics

EPSS Probability

66.57%

99.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Symantec	Norton Antispam	2004

References

http://marc.info/?l=bugtraq&m=107970870606638&w=2
http://marc.info/?l=bugtraq&m=107980262324362&w=2
http://secunia.com/advisories/11169
http://www.kb.cert.org/vuls/id/344718US Government Resource
http://www.nextgenss.com/advisories/antispam.txtPatch, Vendor Advisory
http://www.sarc.com/avcenter/security/Content/2004.03.19.html
http://www.securityfocus.com/bid/9916Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15536
http://marc.info/?l=bugtraq&m=107970870606638&w=2
http://marc.info/?l=bugtraq&m=107980262324362&w=2
http://secunia.com/advisories/11169
http://www.kb.cert.org/vuls/id/344718US Government Resource
http://www.nextgenss.com/advisories/antispam.txtPatch, Vendor Advisory
http://www.sarc.com/avcenter/security/Content/2004.03.19.html
http://www.securityfocus.com/bid/9916Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/15536

Timeline

Published: Apr 15, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-0363?

How severe is CVE-2004-0363?

Severity scoring for CVE-2004-0363 is pending analysis. The EPSS model estimates a 66.57% probability of exploitation in the next 30 days.

How do I fix CVE-2004-0363?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-0363?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST