Buffer overflow in Microsoft Windows

CVE-2008-0312

Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Wo…

Vulnerability class: Buffer Overflow

EPSS: 0.061 (92.5th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows
Symantec Norton_360 — versions 1.0
Symantec Norton_antivirus — versions 2006, 2007, 2008
Symantec Norton_internet_security — versions 2006, 2007, 2008
Symantec Norton_system_works — versions 2006, 2007, 2008
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Patch)
cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_IDEFENSE, third-party-advisory)