Details of VAR-200610-0182

ID

VAR-200610-0182

CVE

CVE-2006-5403

TITLE

Symantec Automated Support Assistant ActiveX control buffer overflow

Trust: 0.8

sources: CERT/CC: VU#400601

DESCRIPTION

Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. This vulnerability requires a certain amount of user-interaction for an attack to occur, such as visiting a malicious website. A successful exploit would let a remote attacker execute code with the privileges of the currently logged-in user. Therefore, the affected control may be present on computers running other consumer products and versions as well. Symantec Corporate and Enterprise products are not affected, because they do not install the affected control. ---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. 1) An unspecified input validation error exists, which can be exploited to gain unauthorized access to system information. Successful exploitation requires spoofing of a trusted domain web site and to trick the user to click on a malicious link. Automated Support Assistant: Update to the latest version. https://www-secure.symantec.com/techsupp/asa/install.jsp PROVIDED AND/OR DISCOVERED BY: The vendor credits John Haesman, Next Generation Security Research. ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2006.10.05.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2006-5403 // CERT/CC: VU#400601 // JVNDB: JVNDB-2006-003318 // BID: 20348 // VULHUB: VHN-21511 // PACKETSTORM: 50672

AFFECTED PRODUCTS

vendor:	symantec	model:	norton system works	scope:	eq	version:	2005	Trust: 1.6
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2006	Trust: 1.6
vendor:	symantec	model:	norton system works	scope:	eq	version:	2006	Trust: 1.6
vendor:	symantec	model:	automated support assistant	scope:	-	version:	-	Trust: 1.4
vendor:	symantec	model:	norton antivirus	scope:	-	version:	-	Trust: 1.4
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	automated support assistant	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	norton internet security	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	2005 and 2006	Trust: 0.8
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	20060	Trust: 0.3
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	20050	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	20060	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2006	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	automated support assistant	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#400601 // BID: 20348 // JVNDB: JVNDB-2006-003318 // CNNVD: CNNVD-200610-306 // NVD: CVE-2006-5403

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-5403
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#400601
value:	1.16
Trust: 0.8
NVD:	CVE-2006-5403
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200610-306
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-21511
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-5403
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-21511
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#400601 // VULHUB: VHN-21511 // JVNDB: JVNDB-2006-003318 // CNNVD: CNNVD-200610-306 // NVD: CVE-2006-5403

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5403

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200610-306

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200610-306

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-003318

PATCH

title:

SYM06-019

url:

http://securityresponse.symantec.com/avcenter/security/Content/2006.10.05.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-003318

EXTERNAL IDS

db:	CERT/CC	id:	VU#400601	Trust: 3.6
db:	BID	id:	20348	Trust: 2.8
db:	SECUNIA	id:	22228	Trust: 2.6
db:	SECTRACK	id:	1016988	Trust: 2.5
db:	SECTRACK	id:	1016989	Trust: 2.5
db:	SECTRACK	id:	1016990	Trust: 2.5
db:	SECTRACK	id:	1016991	Trust: 2.5
db:	NVD	id:	CVE-2006-5403	Trust: 2.5
db:	VUPEN	id:	ADV-2006-3929	Trust: 1.7
db:	JVNDB	id:	JVNDB-2006-003318	Trust: 0.8
db:	CNNVD	id:	CNNVD-200610-306	Trust: 0.7
db:	XF	id:	29363	Trust: 0.6
db:	VULHUB	id:	VHN-21511	Trust: 0.1
db:	PACKETSTORM	id:	50672	Trust: 0.1

sources: CERT/CC: VU#400601 // VULHUB: VHN-21511 // BID: 20348 // JVNDB: JVNDB-2006-003318 // PACKETSTORM: 50672 // CNNVD: CNNVD-200610-306 // NVD: CVE-2006-5403

REFERENCES

url:	http://www.kb.cert.org/vuls/id/400601	Trust: 2.8
url:	http://securityresponse.symantec.com/avcenter/security/content/2006.10.05.html	Trust: 2.1
url:	http://www.securityfocus.com/bid/20348	Trust: 1.7
url:	http://securitytracker.com/id?1016988	Trust: 1.7
url:	http://securitytracker.com/id?1016989	Trust: 1.7
url:	http://securitytracker.com/id?1016990	Trust: 1.7
url:	http://securitytracker.com/id?1016991	Trust: 1.7
url:	http://secunia.com/advisories/22228	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2006/3929	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/29363	Trust: 1.1
url:	http://www.symantec.com/avcenter/security/content/2006.10.05.html	Trust: 0.8
url:	http://www.securityfocus.com/bid/20348	Trust: 0.8
url:	http://securitytracker.com/id?1016988	Trust: 0.8
url:	http://securitytracker.com/id?1016989	Trust: 0.8
url:	http://securitytracker.com/id?1016990	Trust: 0.8
url:	http://securitytracker.com/id?1016991	Trust: 0.8
url:	http://secunia.com/advisories/22228	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5403	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5403	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2006/3929	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/29363	Trust: 0.6
url:	http://www.symantec.com	Trust: 0.3
url:	http://secunia.com/product/4009/	Trust: 0.1
url:	http://secunia.com/product/6635/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/4848/	Trust: 0.1
url:	http://secunia.com/product/12212/	Trust: 0.1
url:	http://secunia.com/product/6636/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://secunia.com/advisories/22228/	Trust: 0.1
url:	https://www-secure.symantec.com/techsupp/asa/install.jsp	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/4847/	Trust: 0.1
url:	http://secunia.com/product/6634/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: CERT/CC: VU#400601 // VULHUB: VHN-21511 // BID: 20348 // JVNDB: JVNDB-2006-003318 // PACKETSTORM: 50672 // CNNVD: CNNVD-200610-306 // NVD: CVE-2006-5403

CREDITS

John Haesman

Trust: 0.6

sources: CNNVD: CNNVD-200610-306

SOURCES

db:	CERT/CC	id:	VU#400601
db:	VULHUB	id:	VHN-21511
db:	BID	id:	20348
db:	JVNDB	id:	JVNDB-2006-003318
db:	PACKETSTORM	id:	50672
db:	CNNVD	id:	CNNVD-200610-306
db:	NVD	id:	CVE-2006-5403

LAST UPDATE DATE

2024-08-14T14:15:39.670000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#400601	date:	2006-11-08T00:00:00
db:	VULHUB	id:	VHN-21511	date:	2017-07-20T00:00:00
db:	BID	id:	20348	date:	2006-11-13T19:07:00
db:	JVNDB	id:	JVNDB-2006-003318	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200610-306	date:	2006-10-19T00:00:00
db:	NVD	id:	CVE-2006-5403	date:	2017-07-20T01:33:43.243

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#400601	date:	2006-11-08T00:00:00
db:	VULHUB	id:	VHN-21511	date:	2006-10-19T00:00:00
db:	BID	id:	20348	date:	2006-10-05T00:00:00
db:	JVNDB	id:	JVNDB-2006-003318	date:	2012-12-20T00:00:00
db:	PACKETSTORM	id:	50672	date:	2006-10-08T20:37:03
db:	CNNVD	id:	CNNVD-200610-306	date:	2006-10-18T00:00:00
db:	NVD	id:	CVE-2006-5403	date:	2006-10-19T01:07:00