Check Point Reference: | CPAI-2011-495 |
Date Published: | 15 Nov 2011 |
Severity: | High |
Last Updated: | Tuesday 15 November, 2011 |
Source: | |
Industry Reference: | CVE-2007-1689 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | |
Vulnerability Description | A remote code execution vulnerability has been reported in Symantec Norton Internet Security 2004. The vulnerability is due to data validation failure by the ISAlertDataCOM ActiveX control. A remote attacker may exploit this vulnerability by enticing an affected user to open a specially crafted web-site. Successful exploitation could lead to arbitrary code execution, resulting in a loss of integrity. |
This protection will detect and block attempts to open a specially crafted web-page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: Symantec Norton internet security 2004 ActiveX control buffer overflow