Intrusion Prevention

Symantec.Firewall.Products.WrapNISUM.Class.Command.Execution

Description

This indicates an attack attempt to exploit a program execution vulnerability
in Symantec Firewall Products.
The vulnerability is located in the "WrapUM.dll" ActiveX control through
miss-use of "LaunchURL" function. It may allow remote attackers to execute
arbitrary program in the context of the application using the affected ActiveX
control.

Affected Products

Symantec Corporation: Norton Internet Security 2004
Symantec Corporation: Norton Internet Security 2004 Pro

Impact

System Comprise:Remote attackers can gain control of the vulnerable system.

Recommended Actions

Refer to the vendor's Web sit for suggested workaround.
http://securityresponse.symantec.com/avcenter/security/Content/2004.03.19.html

CVE References

CVE-2004-0364