CVE-2007-1689

{"id": "CVE-2007-1689", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-05-16T20:30:00.000", "references": [{"url": "http://osvdb.org/36164", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/25290", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/983953", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/23936", "source": "cret@cert.org"}, {"url": "http://www.securitytracker.com/id?1018073", "source": "cret@cert.org"}, {"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html", "tags": ["Patch", "Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1843", "source": "cret@cert.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el control ActiveX ISAlertDataCOM, en ISLALERT.DLL para Norton Personal Firewall 2004 e Internet Security 2004 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos largos para las funciones (1) Get y (2) Set."}], "lastModified": "2018-10-16T16:40:32.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8"}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}