VULHUB ™

The Symantec CcErrDsp.ErrorDisplay.1 ActiveX object is reported prone to a stack-memory exhaustion denial of service vulnerability. This ActiveX object is installed with Norton AntiVirus. The researcher who discovered the vulnerability has stated that they do not believe the condition to be exploitable to corrupt process memory. If the vulnerability were successfully exploited, this would result in a denial of service due to a runtime error in the affected module that causes the running instance of the client application that the object is invoked through (typically Internet Explorer) to crash. Norton AntiVirus 2004 ships with a vulnerable version of the object. Other versions and products may also be affected, such as Norton Internet Security. Symantec is currently investigating this vulnerability.

The Symantec CcErrDsp.ErrorDisplay.1 ActiveX object is reported prone to a stack-memory exhaustion denial of service vulnerability. This ActiveX object is installed with Norton AntiVirus. The researcher who discovered the vulnerability has stated that they do not believe the condition to be exploitable to corrupt process memory. If the vulnerability were successfully exploited, this would result in a denial of service due to a runtime error in the affected module that causes the running instance of the client application that the object is invoked through (typically Internet Explorer) to crash. Norton AntiVirus 2004 ships with a vulnerable version of the object. Other versions and products may also be affected, such as Norton Internet Security. Symantec is currently investigating this vulnerability.