Description
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
References (8)
Core 8
Core References
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9915
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107980262324362&w=2
Patch, Vendor Advisory x_refsource_misc
http://www.nextgenss.com/advisories/nisrce.txt
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11168
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107970885922442&w=2
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/549054
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15538
Various Sources x_refsource_confirm
http://www.sarc.com/avcenter/security/Content/2004.03.19.html
Scores
EPSS
0.0303
EPSS Percentile
86.8%
Details
Status
published
Products (1)
symantec/norton_internet_security
2004 (2 CPE variants)
Published
Apr 15, 2004
Tracked Since
Feb 18, 2026