CVE-2003-0470

Published: Aug 7, 2003Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.

Affected (1)

Products: Symantec: Security Check

Symantec

1 product

Security Check

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Symantec Security Check	All versions

References (14)

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006014.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=105647537823877&w=2

Source: cve@mitre.org

http://secunia.com/advisories/9091

Source: cve@mitre.org

http://securitytracker.com/id?1007029

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/527228

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/8008

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/12423

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006014.html