Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0470

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0470
Last Modified 10 Sep 2008 03:19:05
Published 07 Aug 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0470

Summary

Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.

Vulnerable Systems

Application

  • Symantec Security Check


References

CERT-VN - VU#527228

BUGTRAQ - 20030624 [Symantec Security Advisor] Symantec Security Check ActiveX Buffer Overflow

XF - symantec-security-activex-bo(12423)

BID - 8008

SECTRACK - 1007029

SECUNIA - 9091

FULLDISC - 20030622 Symantec ActiveX control buffer overflow


Last Updated: 27 May 2016 10:37:56