Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0470


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0470
Last Modified 10 Sep 2008 03:19:05
Published 07 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.

Vulnerable Systems


  • Symantec Security Check


CERT-VN - VU#527228

BUGTRAQ - 20030624 [Symantec Security Advisor] Symantec Security Check ActiveX Buffer Overflow

XF - symantec-security-activex-bo(12423)

BID - 8008

SECTRACK - 1007029

SECUNIA - 9091

FULLDISC - 20030622 Symantec ActiveX control buffer overflow

Last Updated: 27 May 2016 10:37:56