CVE-2007-1689

Published: May 16, 2007Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.

Affected (2)

Products: Symantec: Norton Internet Security, Norton Personal Firewall

Symantec

2 products

Norton Internet Security

Norton Personal Firewall

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Symantec Norton Internet Security	Version 2004
Symantec Norton Personal Firewall	Version 2004

References (18)

http://osvdb.org/36164

Source: cret@cert.org

http://secunia.com/advisories/25290

Source: cret@cert.org

Vendor Advisory

http://www.kb.cert.org/vuls/id/983953

Source: cret@cert.org

US Government Resource

http://www.securityfocus.com/archive/1/468779/100/0/threaded

Source: cret@cert.org

http://www.securityfocus.com/bid/23936

Source: cret@cert.org

http://www.securitytracker.com/id?1018073

Source: cret@cert.org

http://www.symantec.com/avcenter/security/Content/2007.05.16.html

Source: cret@cert.org

PatchVendor Advisory

http://www.vupen.com/english/advisories/2007/1843

Source: cret@cert.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34328

Source: cret@cert.org

http://osvdb.org/36164