Symantec Corp. has patched a flawed ActiveX control in its Norton security products that attackers could exploit to run malware on targeted machines.
An ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability, Cupertino, Calif.-based Symantec said in an advisory. Norton Internet Security is a software package for Microsoft Windows systems that includes antivirus, firewall, spam and content filtering, intrusion detection and privacy protection.
"The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL," the vendor said. "A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user."
To successfully exploit the flaw, Symantec said an attacker would need to trick the user into viewing a specially crafted HTML document.
"This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link," the company noted. "Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue."
Symantec product engineers confirmed that the issue affects Norton Personal Firewall and Norton Internet Security 2004 only. Product updates to correct the problem are available through LiveUpdate.
Danish vulnerability clearinghouse Secunia conducted its own test of the flaw and deemed it "highly critical."
A researcher from the United States Computer Emergency Readiness Team (US-CERT) first discovered the flaw and reported it to Symantec.