CVE-1999-1380 — Norton Utilities vulnerability

3 documents3 sources

Severity

5.1MEDIUMNVD

EPSS

1.4%

top 19.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton Utilities

Timeline

PublishedMay 4

Latest updateApr 30

Description

Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

▶NVDsymantec/norton_utilities2.0

Patches

Patch: mlarchive.ima.com ↗Patch: mlarchive.ima.com ↗

🔴Vulnerability Details

GHSA

GHSA-rr53-c8w6-c9v3: Symantec Norton Utilities 2↗2022-04-30

▶

CVEList

CVE-1999-1380: Symantec Norton Utilities 2↗2002-03-09

▶