CVE-2002-1540Norton Antivirus vulnerability

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 81.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Norton Antivirus
Timeline
PublishedMar 31
Latest updateApr 30

Description

The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDsymantec/norton_antiviruscorporate_7.5, corporate_7.51, corporate_7.6+2

Patches

Patch: www.iss.netPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-9r86-74vm-r67j: The client for Symantec Norton AntiVirus Corporate Edition 72022-04-30
CVEList
CVE-2002-1540: The client for Symantec Norton AntiVirus Corporate Edition 72004-09-01

💥Exploits & PoCs

1
Exploit-DB
Microsoft Office Products - Array Index Bounds Error (PoC)2006-03-27
CVE-2002-1540 — Symantec Norton Antivirus vulnerability | cvebase