4.3
CVE-2009-1517
- EPSS 6.59%
- Veröffentlicht 04.05.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Norton Ghost Version14.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.59% | 0.93 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
http://www.securityfocus.com/bid/34696
http://www.securitytracker.com/id?1022120
http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/50098
https://www.exploit-db.com/exploits/8523