CVE-2004-0364

3 documents3 sources

Severity

7.5HIGH

EPSS

3.0%

top 13.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton Internet Security

Timeline

PublishedApr 15

Latest updateApr 29

Description

The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsymantec/norton_internet_security2004

Patches

Patch: www.nextgenss.com ↗Patch: www.nextgenss.com ↗

🔴Vulnerability Details

GHSA

GHSA-v6wg-hp5f-hcpq: The WrapNISUM ActiveX component (WrapUM↗2022-04-29

▶

CVEList

CVE-2004-0364: The WrapNISUM ActiveX component (WrapUM↗2004-03-23

▶