CVE

Id
46081  
CVE No.
CVE-2010-3497  
Status
Candidate  
Description
Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that this issue "falls into the work of our Firewall and not our AV (per our methodology of layers of defense)."  
Phase
Assigned (20100924)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
501208 46081 CVE-2010-3497 BUGTRAQ:20101018 Antivirus detection after malware execution  View
501209 46081 CVE-2010-3497 URL:http://www.securityfocus.com/archive/1/514356  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
36443 JVNDB-2010-002223 Oracle Fusion Middleware の OID コンポーネントにおける脆弱性 Oracle Fusion Middleware の OID コンポーネントには、可用性に影響のある脆弱性が存在します。 CVE-2010-3501 46081 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002223.html  View