Intrusion Prevention

Symantec.SupportSoft.ActiveX.SmartIssue.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Symantec SupportSoft ActiveX control.
The vulnerability is caused by the failure to properly check user-supplied input before using it. It may allow a remote attacker to execute arbitrary code by enticing users into visiting a specially crafted web page.

Affected Products

SupportSoft ActiveX Controls versions 5.x
SupportSoft ActiveX Controls versions 6.x

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.supportsoft.com/support/controls_update.asp

CVE References

CVE-2006-6490