Secunia Research Advisory

Symantec Products NavComUI ActiveX Control Code Execution


====================================================================== 

                      Secunia Research 09/08/2007

    - Symantec Products NavComUI ActiveX Control Code Execution -

====================================================================== 
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerability.........................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Secunia........................................................8
Verification.........................................................9

====================================================================== 
1) Affected Software 

* Norton AntiVirus 2006
* Norton Internet Security 2006
* Norton Internet Security, Anti Spyware Edition 2005
* Norton System Works 2006

====================================================================== 
2) Severity 

Rating: Highly critical
Impact: System compromise
Where: Remote

====================================================================== 
3) Description of Vulnerability

Secunia Research has discovered two vulnerabilities in various 
Symantec products, which can be exploited by malicious people to 
compromise a user's system.

The vulnerabilities are caused due to errors in the AxSysListView32 
and AxSysListView32OAA ActiveX controls (NavComUI.dll) when handling 
the "AnomalyList" and "Anomaly" properties respectively as they take 
a VARIANT* as argument.

Successful exploitation allows execution of arbitrary code.

====================================================================== 
4) Solution 

The vendor has issued a fix, which is available via LiveUpdate in
Interactive Mode.

====================================================================== 
5) Time Table 

11/05/2007 - Vendor notified.
11/05/2007 - Vendor response.
09/08/2007 - Public disclosure.

====================================================================== 
6) Credits 

Discovered by Carsten Eiram, Secunia Research.

====================================================================== 
7) References

Symantec:
http://www.symantec.com/avcenter/security/Content/2007.08.09.html

The Common Vulnerabilities and Exposures (CVE) project has assigned 
CVE-2007-2955 for the vulnerability.

====================================================================== 
8) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

https://www.flexera.com/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private 
individuals, who are interested in or concerned about IT-security.

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the 
security and reliability of software in general.

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

https://www.flexera.com/company/careers

Secunia offers a FREE mailing list called Secunia Security Advisories:

https://www.flexera.com/secunia_security_advisories/ 

====================================================================== 
9) Verification 

Please verify this advisory by visiting the Secunia website:
https://www.flexera.com/about-us/secunia-research/advisories/sr-2007-53.html

Complete list of vulnerability reports published by Secunia Research:
https://www.flexera.com/about-us/secunia-research/advisories/

======================================================================