N/A

The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless of whether they are marked safe for scripting. NOTE: this CVE was inadvertently used for an E-mail Auto-Protect issue, but that issue has been assigned CVE-2007-3771.

N/A

N/A

Norton Antivirus NAVOpts.dll ActiveX控件绕过安全限制漏洞

Symantec Norton AntiVirus是一款功能强大的反病毒程序。 Norton AntiVirus所带的ActiveX控件实现上存在漏洞，远程攻击者可能利用此漏洞绕过浏览器的安全限制。 Norton会安装以下ActiveX控件： Progid：Symantec.Norton.AntiVirus.NAVOptions Clsid：085ABFE2-D753-445C-8A2A-D4BD46CE0811 文件：C:\Program Files\Norton Internet Security\N

N/A

N/A