Secunia Advisory: SA11168
Release Date: 2004-03-19
Critical: Highly critical
Impact: System access
Where: From remote
Software: Norton Internet Security 2004
Norton Internet Security 2004 Professional
NGSSoftware has discovered a vulnerability in Norton Internet Security 2004, which can be exploited by malicious people to compromise a user's system.
The "LaunchURL" method in the "WrapNISUM Class" (WrapUM.dll) ActiveX component makes it possible to run arbitrary executables from remote locations. This can be exploited to execute arbitrary code on a user's system by tricking the user into viewing a malicious HTML document (e.g. by visiting a website or viewing an HTML-based email).
Solution: A patch is reportedly available via the LiveUpdate feature.
Provided and/or discovered by: Mark Litchfield, NGSSoftware.
One of the best French door fridges we've tested
A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.