Unrated severityNVD Advisory· Published May 4, 2009· Updated Apr 23, 2026

CVE-2009-1517

Description

Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.

Affected products

Symantec/Norton Ghost
cpe:2.3:a:symantec:norton_ghost:14.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/34696nvdExploit
www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.htmlnvdExploitURL Repurposed
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/50098nvd
www.exploit-db.com/exploits/8523nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000