CVE-2009-1517
published 2009-05-04CVE-2009-1517: Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec…
PriorityP427medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
6.59%
93.0th percentile
Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| symantec | norton_ghost | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/34696http://www.securitytracker.com/id?1022120http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50098https://www.exploit-db.com/exploits/8523http://www.securityfocus.com/bid/34696http://www.securitytracker.com/id?1022120http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50098https://www.exploit-db.com/exploits/8523
2009-05-04
Published