Intrusion Prevention

Symantec.Norton.SymAData.DLL.ActiveX.Access

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Symantec Norton Internet Security 2008 and prior versions.
The vulnerability is caused by an input parameter check error in the GetEventLogInfo method. It allows a remote attacker to execute arbitrary code in the victim's system by sending a long parameter to this method.

Affected Products

Symantec Norton Internet Security 2008 and prior versions

Impact

System compromise: remote code execution.

Recommended Actions

Apply the patch from the vendor. More details can be found at the following web site:
http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html

CVE References

CVE-2008-0312