CVE-1999-1380

Published May 4, 1997

Last updated a year ago

Overview

Description: Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:norton_utilities:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D0B5B84-4720-4EA2-AAF9-29D5D507514B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References