CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0312

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile0.71th
PublishedApr 8, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Symantec

Norton 360

= 1.0
πŸ“¦
Symantec

Norton Antivirus

= 2006
πŸ“¦
Symantec

Norton Antivirus

= 2007
πŸ“¦
Symantec

Norton Antivirus

= 2008
πŸ“¦
Symantec

Norton Internet Security

= 2006
πŸ“¦
Symantec

Norton Internet Security

= 2007
πŸ“¦
Symantec

Norton Internet Security

= 2008
πŸ“¦
Symantec

Norton System Works

= 2006
πŸ“¦
Symantec

Norton System Works

= 2007
πŸ“¦
Symantec

Norton System Works

= 2008

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=677
πŸ”— http://secunia.com/advisories/29660
πŸ”— http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html
πŸ”— http://www.securityfocus.com/bid/28507
πŸ”— http://www.securitytracker.com/id?1019751
πŸ”— http://www.securitytracker.com/id?1019752
πŸ”— http://www.securitytracker.com/id?1019753
πŸ”— http://www.vupen.com/english/advisories/2008/1077/references

Related Vulnerabilities

CVE-2016-36459.8

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Da...

CVE-2016-36448.4

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x th...

CVE-2016-22078.4

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x th...

CVE-2016-36468.4

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x th...