CVE-2000-0477 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Norton Antivirus

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 25.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton Antivirus

Timeline

PublishedJun 14

Latest updateApr 30

Description

Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsymantec/norton_antivirus1.5, 2.0+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-j487-27wr-29q4: Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a↗2022-04-30

▶

CVEList

CVE-2000-0477: Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a↗2000-10-13

▶

💥Exploits & PoCs

Exploit-DB

Allaire ColdFusion Server 4.0 - Remote File Display / Deletion / Upload / Execution↗1998-12-25

▶