Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
https://exchange.xforce.ibmcloud.com/vulnerabilities/32636
http://www.vupen.com/english/advisories/2007/0704
http://www.vupen.com/english/advisories/2007/0703
http://www.symantec.com/avcenter/security/Content/2007.02.22.html
http://www.securitytracker.com/id?1017691
http://www.securitytracker.com/id?1017690
http://www.securitytracker.com/id?1017689
http://www.securitytracker.com/id?1017688
http://www.securityfocus.com/bid/22564
http://www.securityfocus.com/archive/1/461147/100/0/threaded
http://www.kb.cert.org/vuls/id/441785
http://secunia.com/advisories/24251
http://secunia.com/advisories/24246
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478
http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html