CVE-2008-0312
Last modified
CVE-2008-0312 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.. EPSS estimates a 6.15% chance of exploitation in the next 30 days.
Description
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton 360 | 1.0 |
| Symantec | Norton Antivirus | 2006 |
| Symantec | Norton Antivirus | 2007 |
| Symantec | Norton Antivirus | 2008 |
| Symantec | Norton Internet Security | 2006 |
| Symantec | Norton Internet Security | 2007 |
| Symantec | Norton Internet Security | 2008 |
| Symantec | Norton System Works | 2006 |
| Symantec | Norton System Works | 2007 |
| Symantec | Norton System Works | 2008 |
References
- http://secunia.com/advisories/29660Patch, Vendor Advisory
- http://secunia.com/advisories/29660Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-0312?
How severe is CVE-2008-0312?
How do I fix CVE-2008-0312?
Are you affected by CVE-2008-0312?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST