CVE-2006-5403

3 documents3 sources

Severity

5.1MEDIUM

EPSS

21.4%

top 4.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton Internet Security Symantec Norton System Works

Timeline

PublishedOct 19

Latest updateMay 1

Description

Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

▶NVDsymantec/norton_system_works2005, 2006+1

▶NVDsymantec/norton_internet_security2006

🔴Vulnerability Details

GHSA

GHSA-crr9-5rqj-fxgq: Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and Sy↗2022-05-01

▶

CVEList

CVE-2006-5403: Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and Sy↗2006-10-19

▶