// For flags

CVE-2008-0313

 

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.

El método ActiveDataInfo.LaunchProcess en el control ActiveX 2.7.0.1 SymAData.ActiveDataInfo.1 en SYMADATA.DLL sobre múltiples productos Symantec Norton incluyendo Norton 360 1.0, AntiVirus 2006 al 2008, Internet Security 2006 al 2008, y System Works 2006 al 2008, no es capaz de determinar correctamente la ubicación de AutoFix Tool, lo que permite a atacantes remotos ejecutar código de su elección a través de un recurso compartido del tipo (1) WebDAV o (2) SMB.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-01-16 CVE Reserved
  • 2008-04-04 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-09-10 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Symantec
Search vendor "Symantec"
Norton 360
Search vendor "Symantec" for product "Norton 360"
1.0
Search vendor "Symantec" for product "Norton 360" and version "1.0"
-
Affected
Symantec
Search vendor "Symantec"
Norton Antivirus
Search vendor "Symantec" for product "Norton Antivirus"
2006
Search vendor "Symantec" for product "Norton Antivirus" and version "2006"
-
Affected
Symantec
Search vendor "Symantec"
Norton Antivirus
Search vendor "Symantec" for product "Norton Antivirus"
2007
Search vendor "Symantec" for product "Norton Antivirus" and version "2007"
-
Affected
Symantec
Search vendor "Symantec"
Norton Antivirus
Search vendor "Symantec" for product "Norton Antivirus"
2008
Search vendor "Symantec" for product "Norton Antivirus" and version "2008"
-
Affected
Symantec
Search vendor "Symantec"
Norton Internet Security
Search vendor "Symantec" for product "Norton Internet Security"
2006
Search vendor "Symantec" for product "Norton Internet Security" and version "2006"
-
Affected
Symantec
Search vendor "Symantec"
Norton Internet Security
Search vendor "Symantec" for product "Norton Internet Security"
2007
Search vendor "Symantec" for product "Norton Internet Security" and version "2007"
-
Affected
Symantec
Search vendor "Symantec"
Norton Internet Security
Search vendor "Symantec" for product "Norton Internet Security"
2008
Search vendor "Symantec" for product "Norton Internet Security" and version "2008"
-
Affected
Symantec
Search vendor "Symantec"
System Works
Search vendor "Symantec" for product "System Works"
2006
Search vendor "Symantec" for product "System Works" and version "2006"
-
Affected
Symantec
Search vendor "Symantec"
System Works
Search vendor "Symantec" for product "System Works"
2007
Search vendor "Symantec" for product "System Works" and version "2007"
-
Affected
Symantec
Search vendor "Symantec"
System Works
Search vendor "Symantec" for product "System Works"
2008
Search vendor "Symantec" for product "System Works" and version "2008"
-
Affected