Vulnerability Details : CVE-2004-0364
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
Products affected by CVE-2004-0364
- cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-0364
56.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-0364
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2004-0364
-
http://marc.info/?l=bugtraq&m=107970885922442&w=2
-
http://www.securityfocus.com/bid/9915
Vendor Advisory
-
http://marc.info/?l=bugtraq&m=107980262324362&w=2
-
http://www.sarc.com/avcenter/security/Content/2004.03.19.html
-
http://www.kb.cert.org/vuls/id/549054
US Government Resource
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15538
-
http://www.nextgenss.com/advisories/nisrce.txt
Patch;Vendor Advisory
Jump to