Intrusion Prevention

Symantec.SupportSoft.ActiveX.Controls.Access

Description

Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and SystemWorks 2006, allow remote attackers to execute arbitrary code via a crafted HTML message.

Affected Products

Symantec Automated Support Assistant
Symantec Norton AntiVirus 2006
Symantec Norton Internet Security 2006
Symantec Norton SystemWorks 2006

Impact

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.

Recommended Actions

Symantec customers should apply an update, as specified by Symantec advisory SYM07-002.
Customers whose vendor has not supplied an update should apply the update specified in the SupportSoft Security Update, which provides download links to installers for the fixed 6.5.x and 5.6.x controls. Note that a computer system may have both 6.x and 5.x components installed, in which case both update packages must be installed.
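
To decide which update packages a host needs, the following added example (not part of the Symantec or SupportSoft advisories) inventories the two DLLs named above and reports which version branches are present. The search roots and the use of the DLL's file-version major number to identify the 5.x or 6.x branch are assumptions.

```powershell
# Added example: inventory the SupportSoft ActiveX control DLLs named in this advisory.
# Assumption: the search roots below cover the install locations on this host;
# pass -Roots to add others. Searching the Windows directory can take a while.
param(
    [string[]]$Roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:windir)
)

# File names come from the advisory: SmartIssue and ScriptRunner.
$controls = @{ 'tgctlsi.dll' = 'SmartIssue'; 'tgctlsr.dll' = 'ScriptRunner' }

function Get-SupportSoftControl {
    param([string[]]$SearchRoots)
    $SearchRoots |
        Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
        Select-Object -Unique |
        ForEach-Object {
            Get-ChildItem -LiteralPath $_ -Recurse -File -ErrorAction SilentlyContinue
        } |
        Where-Object { $controls.ContainsKey($_.Name.ToLowerInvariant()) } |
        ForEach-Object {
            $vi = $_.VersionInfo
            [pscustomobject]@{
                Control     = $controls[$_.Name.ToLowerInvariant()]
                FileVersion = $vi.FileVersion
                # Assumption: file-version major 5 or 6 maps to the 5.x / 6.x branch.
                Branch      = if ($vi.FileMajorPart -in 5, 6) { "$($vi.FileMajorPart).x" } else { 'unknown' }
                Path        = $_.FullName
            }
        }
}

$found = @(Get-SupportSoftControl -SearchRoots $Roots | Sort-Object Path -Unique)
if ($found.Count -eq 0) {
    'No SmartIssue or ScriptRunner DLLs found under the search roots.'
    return
}

$found | Format-Table -AutoSize | Out-String

$branches = @($found | ForEach-Object { $_.Branch } | Sort-Object -Unique)
"Branches present: $($branches -join ', ')"
if (($branches -contains '5.x') -and ($branches -contains '6.x')) {
    'Both 5.x and 6.x components are installed: both update packages are required.'
}
```

Compare the reported file versions against the fixed versions listed in the vendor advisories after updating; the script only reports what is on disk and does not judge whether a given build is patched.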

CVE References

CVE-2006-6490