Vulnonym.org

CVE-2008-0312 - Simious Fabrication

Description

Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0 AntiVirus 2006 through 2008 Internet Security 2006 through 2008 and System Works 2006 through 2008 allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=677 http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html http://www.securityfocus.com/bid/28507 http://www.securitytracker.com/id?1019751 http://www.securitytracker.com/id?1019752 http://www.securitytracker.com/id?1019753 http://secunia.com/advisories/29660 http://www.vupen.com/english/advisories/2008/1077/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41629