10

CVE-2006-6490

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.34% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478
http://osvdb.org/33481
http://osvdb.org/33482
http://secunia.com/advisories/24246
http://secunia.com/advisories/24251
http://www.kb.cert.org/vuls/id/441785
US Government Resource
http://www.securityfocus.com/archive/1/461147/100/0/threaded
http://www.securityfocus.com/bid/22564
http://www.securitytracker.com/id?1017688
http://www.securitytracker.com/id?1017689
http://www.securitytracker.com/id?1017690
http://www.securitytracker.com/id?1017691
http://www.symantec.com/avcenter/security/Content/2007.02.22.html
Patch
http://www.vupen.com/english/advisories/2007/0703
http://www.vupen.com/english/advisories/2007/0704
https://exchange.xforce.ibmcloud.com/vulnerabilities/32636