Norton.Symspam.dll.Buffer.Overflow
Description
This indicates a possible attempt to exploit a Buffer Overflow vulnerability in Symantec Norton AntiSpam.
The vulnerability is in the "SymSpamHelper Class" ActiveX control, which cannot properly handle overly long user supplied parameters. A remote attacker can exploit this to execute arbitrary code.
Affected Products
Symantec Norton AntiSpam 2004
Impact
System Compromise: Remote code execution.
Recommended Actions
Symantec has released a patch, as stated in the advisory SYM04-005, to address this vulnerability.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |