Vulnerabilities weaken two of Symantec Corp.’s more popular security applications, Norton AntiSpam and Norton Internet Security, researchers have found.
Both flaws enable attackers to run code on remote machines.
The two weaknesses, one in each product, are similar in that they both involve ActiveX controls. The vulnerability in Norton Internet Security and Norton Internet Security Professional affects an ActiveX component called WrapNISUM Class, which is marked safe for scripting.
Symantec, based in Cupertino, Calif., has produced fixes for both of the problems, which are available via its LiveUpdate service.