CVE-2009-1517
Norton Ghost Support module for EasySetup wizard - Remote Denial of Service (PoC)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
Múltiples vulnerabilidades de método inseguro en el control ActiveX Symantec.EasySetup.1 en EasySetupInt.dll v14.0.4.30167 en el asistente EasySetup en Symantec Norton Ghost v14.0 permite a atacantes remotos provocar una denegación de servicio (caída del navegador) y posiblemente ejecución de código de su elección a través de una entrada no específica en los métodos (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, y (6) CallTour.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-05-04 CVE Reserved
- 2009-05-04 CVE Published
- 2024-05-17 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.securitytracker.com/id?1022120 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/50098 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/8523 | 2024-08-07 | |
http://www.securityfocus.com/bid/34696 | 2024-08-07 | |
http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Symantec Search vendor "Symantec" | Norton Ghost Search vendor "Symantec" for product "Norton Ghost" | 14.0 Search vendor "Symantec" for product "Norton Ghost" and version "14.0" | - |
Affected
|