5 September 2007
Updated 2 October 2007
Issue
Several Norman products contain a vulnerability in how they handle path names that include spaces (blanks).
In special circumstances this could be exploited so that an application other than the intended one is launched.
Affected software
- Norman Virus Control single user and corporate versions
- Norman Virus Control Plus
- Norman Internet Control
- Norman Internet Control Plus
- Norman Personal Firewall
- NVCnet for Terminal and File servers
- NVCnet for Internet Service Providers
- Norman Virus Control for Lotus Domino
- Norman Virus Control for Microsoft Exchange 2000 and Exchange 5.5
- Norman Virus Control for Firewall-1 NG
- Norman Virus Control for MIMEsweeper
- Third-party software using rebranded versions of any of Norman's above-mentioned products
Vulnerability status
Vulnerable operating systems
- Windows 9x/Me
- Windows NT4
- Windows 2000
Operating systems not vulnerable
- Windows XP
- Windows 2003
- Windows Vista
As of this writing, no update exists for this vulnerability.
Workaround
Uninstall your Norman installation and re-install to a folder without spaces, e.g. c:\norman.
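To find installations that still need the workaround, the following added example (not Norman's code) checks exported command lines, such as service or autostart entries, for program paths that contain spaces, the condition this advisory names. It also reports whether such a path is quoted; that quoting matters is an assumption, since the advisory does not describe the mechanism, and every path except c:\norman is constructed.

```python
import re

# Extensions taken to mark the end of the program path (assumption for this example).
_PROGRAM_END = re.compile(r'^(.*?\.(?:exe|com|bat|cmd))(?=\s|$)', re.IGNORECASE)

def program_part(command_line):
    """Split off the program path; return (path, was_quoted)."""
    s = command_line.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        if end != -1:
            return s[1:end], True
        s = s[1:]  # unbalanced quote: treat the remainder as unquoted
    m = _PROGRAM_END.match(s)
    if m:
        return m.group(1), False
    # No recognisable extension: fall back to the first whitespace-separated token.
    return (s.split(None, 1)[0] if s else ""), False

def audit(command_line):
    """Classify one command line by whether its program path contains spaces."""
    path, quoted = program_part(command_line)
    if " " not in path:
        return "no-spaces"          # matches the advisory's workaround
    return "spaces-quoted" if quoted else "spaces-unquoted"

def audit_all(command_lines):
    return [(audit(c), c) for c in command_lines]

# Constructed sample input; "Example Vendor" and agent.exe are hypothetical names.
SAMPLE = [
    r'C:\Program Files\Example Vendor\bin\agent.exe /service',
    r'"C:\Program Files\Example Vendor\bin\agent.exe" /service',
    r'c:\norman\bin\agent.exe /service',
    r'"C:\Program Files\Example Vendor\bin\agent.exe',
]

if __name__ == "__main__":
    for status, cmd in audit_all(SAMPLE):
        print(f"{status:16} {cmd}")
```

Entries reported as anything other than no-spaces point at installations that have not been moved to a folder without spaces.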
Mitigating factors
Only Microsoft's legacy operating systems are vulnerable to this exploit. See also Workaround above.
As far as Norman knows, no programs or program code that exploit these vulnerabilities have been made publicly available.
Acknowledgments
Norman wishes to thank Edi Strosar of Team Intell for reporting this vulnerability to Norman prior to disclosure.
Revision history
- 2007-09-05: Advisory created
- 2007-10-02: Advisory reissued (updated workaround section)