CVE-2006-6490

https://notcve.org/view.php?id=CVE-2006-6490

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. Múltiples desbordamiento de búfer en los controles ActiveX de SupportSoft (1) SmartIssue (tgctlsi.dll) y (2) ScriptRunner (tgctlsr.dll), tal y como se usan en Symantec Automated Support Assistant y Norton AntiVirus, Internet Security, y System Works 2006, permite a atacantes remotos ejecutar código de su elección mediante un mensaje HTML manipulado. • http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478 http://osvdb.org/33481 http://osvdb.org/33482 http://secunia.com/advisories/24246 http://secunia.com/advisories/24251 http://www.kb.cert.org/vuls/id/441785 http://www.securityfocus.com/archive/1/461147/100/0/threaded http://www.securityfocus.com/bid/22564 http://www.securitytracker.com/id?1017688 http://www.securitytracker.com/id?10 •