NGSSoftware Insight Security Research Advisory #NISR19042004a - Installed with Symantec's Norton AntiSpam 2004 product is an ActiveX component that is marked safe for scripting, particularly symspam.dll. However, when the method LaunchCustomRuleWizard is called with an overly long parameter, an attacker can cause a stack based overflow allowing for arbitrary code execution.
b73892705e2a76c1e0de0b2b6bf520d003b24ba8a85ea693d80dca4775212c39