Norton Internet Security application found to have an ActiveX control bug

Symantec has said that their Norton Internet Security product has a security flaw in an ActiveX control which could enable a remote hacker to take over the system.

The company has labeled this bug a “medium” risk. U.S.-CERT has stated that this bug is critical enough to allow a hacker to cause a victim’s browser to crash.

A Symantec advisory added that an ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability.

They were notified about this problem by the U.S.-CERT.

Symantec has now delivered the patches to fix this bug in their application through the LiveUpdate mechanism.

Checkout: Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflow