Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Security Check RuFSI ActiveX控件远程缓冲区溢出漏洞
Vulnerability Description
Symantec Security Check是一款免费基于WEB的工具,可以使用户对自己的电脑进行安全在线的检查。在运行检查过程中,用户会安装ActiveX控件。 当前的Symantec RuFSI工具类或Symantec RuFSI注册信息类在调用超长字符串时缺少正确边界缓冲区检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以用户浏览器进程权限在系统上执行任意指令。 攻击者可以构建恶意站点,诱使用户访问,使此控件处理超长字符串来触发此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A