CVE-2008-0313
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.
El método ActiveDataInfo.LaunchProcess en el control ActiveX 2.7.0.1 SymAData.ActiveDataInfo.1 en SYMADATA.DLL sobre múltiples productos Symantec Norton incluyendo Norton 360 1.0, AntiVirus 2006 al 2008, Internet Security 2006 al 2008, y System Works 2006 al 2008, no es capaz de determinar correctamente la ubicación de AutoFix Tool, lo que permite a atacantes remotos ejecutar código de su elección a través de un recurso compartido del tipo (1) WebDAV o (2) SMB.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-01-16 CVE Reserved
- 2008-04-04 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=678 | Third Party Advisory | |
| http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html | X_refsource_confirm | |
| http://www.securitytracker.com/id?1019751 | Vdb Entry | |
| http://www.securitytracker.com/id?1019752 | Vdb Entry | |
| http://www.securitytracker.com/id?1019753 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/1077/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41631 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29660 | 2017-08-08 | |
| http://www.securityfocus.com/bid/28509 | 2017-08-08 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Symantec Search vendor "Symantec" | Norton 360 Search vendor "Symantec" for product "Norton 360" | 1.0 Search vendor "Symantec" for product "Norton 360" and version "1.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2006 Search vendor "Symantec" for product "Norton Antivirus" and version "2006" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2007 Search vendor "Symantec" for product "Norton Antivirus" and version "2007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2008 Search vendor "Symantec" for product "Norton Antivirus" and version "2008" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2006 Search vendor "Symantec" for product "Norton Internet Security" and version "2006" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2007 Search vendor "Symantec" for product "Norton Internet Security" and version "2007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2008 Search vendor "Symantec" for product "Norton Internet Security" and version "2008" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | System Works Search vendor "Symantec" for product "System Works" | 2006 Search vendor "Symantec" for product "System Works" and version "2006" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | System Works Search vendor "Symantec" for product "System Works" | 2007 Search vendor "Symantec" for product "System Works" and version "2007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | System Works Search vendor "Symantec" for product "System Works" | 2008 Search vendor "Symantec" for product "System Works" and version "2008" | - |
Affected
| ||||||