CVE-2009-1517

Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.

🔗 References (10)

• cve@mitrehttp://www.securityfocus.com/bid/34696
• cve@mitrehttp://www.securitytracker.com/id?1022120
• cve@mitrehttp://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/50098
• cve@mitrehttps://www.exploit-db.com/exploits/8523
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34696
• af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022120
• af854a3a-2127-422b-91ae-364da2661108http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50098
• af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/8523