CVE-2008-0313
Last modified
CVE-2008-0313 is a vulnerability of currently unknown severity. The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.. EPSS estimates a 4.03% chance of exploitation in the next 30 days.
Description
The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton 360 | 1.0 |
| Symantec | Norton Antivirus | 2006 |
| Symantec | Norton Antivirus | 2007 |
| Symantec | Norton Antivirus | 2008 |
| Symantec | Norton Internet Security | 2006 |
| Symantec | Norton Internet Security | 2007 |
| Symantec | Norton Internet Security | 2008 |
| Symantec | System Works | 2006 |
| Symantec | System Works | 2007 |
| Symantec | System Works | 2008 |
References
- http://secunia.com/advisories/29660Patch, Vendor Advisory
- http://secunia.com/advisories/29660Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-0313?
How severe is CVE-2008-0313?
How do I fix CVE-2008-0313?
Are you affected by CVE-2008-0313?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST