The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless of whether they are marked safe for scripting. NOTE: this CVE was inadvertently used for an E-mail Auto-Protect issue, but that issue has been assigned CVE-2007-3771.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-05-11T10:00:00
Updated: 2017-07-19T15:57:01
Reserved: 2006-07-07T00:00:00
Link: CVE-2006-3456
JSON object: View
NVD Information
Status : Modified
Published: 2007-05-11T10:19:00.000
Modified: 2017-07-20T01:32:19.740
Link: CVE-2006-3456
JSON object: View
Redhat Information
No data.
CWE