RCE in Symantec Norton_antivirus
CVE-2006-3456
The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, w…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.039 (88.8th percentile) — read the EPSS interpretation.
Affected products
- Symantec Norton_antivirus — versions 2005, 2006
- Symantec Norton_internet_security — versions 2005, 2006
- Symantec Norton_system_works — versions 2005, 2006
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_IDEFENSE, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_XF)