10

CVE-2006-6490

EPSS 32.65%
Published 22.02.2007 21:28:00
Last modified 09.04.2025 00:30:58
Source cret@cert.org
Teams watchlist Login
Open Login

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.

Affected products Warnungen 0 Metrics 2 CWE 0 References 20

Data is provided by the National Vulnerability Database (NVD)

Supportsoft ≫ Scriptrunner

Supportsoft ≫ Smartissue

Symantec ≫ Automated Support Assistant

Symantec ≫ Norton Antivirus Version2006

Symantec ≫ Norton Internet Security Version2006

Symantec ≫ Norton System Works Version2006

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	32.65%	0.967

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478

http://osvdb.org/33481

http://osvdb.org/33482

http://secunia.com/advisories/24246

http://secunia.com/advisories/24251

http://www.kb.cert.org/vuls/id/441785

US Government Resource

http://www.securityfocus.com/archive/1/461147/100/0/threaded

http://www.securityfocus.com/bid/22564

http://www.securitytracker.com/id?1017688

http://www.securitytracker.com/id?1017689

http://www.securitytracker.com/id?1017690

http://www.securitytracker.com/id?1017691

http://www.symantec.com/avcenter/security/Content/2007.02.22.html

Patch

http://www.vupen.com/english/advisories/2007/0703

http://www.vupen.com/english/advisories/2007/0704

https://exchange.xforce.ibmcloud.com/vulnerabilities/32636

https://nvd.nist.gov/vuln/detail/CVE-2006-6490

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6490

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6490

EUVD