What is CVE-2007-1689?

CVE-2007-1689 is a vulnerability in N/a. Published 2007-05-16.

Is CVE-2007-1689 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-1689

Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.

EPSS: 0.790 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

ADV-2007-1843 (vdb-entry, x_refsource_VUPEN)
www.symantec.com/avcenter/security/Content/2007.05.16.html (x_refsource_CONFIRM)
23936 (vdb-entry, x_refsource_BID)
36164 (x_refsource_OSVDB, vdb-entry)
1018073 (vdb-entry, x_refsource_SECTRACK)
25290 (x_refsource_SECUNIA, third-party-advisory)
VU#983953 (x_refsource_CERT-VN, third-party-advisory)
symantec-islalert-bo(34328) (vdb-entry, x_refsource_XF)
20070516 Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2007-1689?: CVE-2007-1689 is a vulnerability in N/a. Published 2007-05-16.
Is CVE-2007-1689 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.