Norton Internet Security 2008
by Symantec
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-1689 | 0.08 | — | 0.64 | May 16, 2007 | Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. | |||
| CVE-2003-1149 | 0.03 | — | 0.02 | Oct 27, 2003 | Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. | |||
| CVE-2008-5427 | 0.00 | — | 0.02 | Dec 11, 2008 | Norton Antivirus in Norton Internet Security 15.5.0.23 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service… | |||
| CVE-2007-5047 | 0.00 | — | 0.00 | Sep 24, 2007 | Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. … |
- CVE-2007-1689May 16, 2007risk 0.08cvss —epss 0.64
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
- CVE-2003-1149Oct 27, 2003risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.
- CVE-2008-5427Dec 11, 2008risk 0.00cvss —epss 0.02
Norton Antivirus in Norton Internet Security 15.5.0.23 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service…
- CVE-2007-5047Sep 24, 2007risk 0.00cvss —epss 0.00
Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. …