CVE-2011-1487

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. (CVSS:5.0) (Last Update:2014-02-20)

Hot Issues & Hot Fixes (Updated April 6, 2011)

Hot Issues – problems with the product that we are currently researching and working to resolve, or additional information regarding current situations. If you have additional information about issues, please post it to the existing thread on the subject. Please do not create a new thread for the same subject; this will create confusion about the issue.

 

– My computer stops responding after I install the latest updates for my Norton 2011 product (More Information)

– Some users may experience WS.Reputation.1 detections (More Information)

– Programs compiled with certain compilers may be falsely detected by SONAR (More Information)


 

Hot Fixes – tools we’ve created to resolve Hot Issues that were previously reported on the forums. You will see them listed below with a link to the Symantec Knowledge Base article containing the Hot Fix. If you continue to experience the problem after using the Hot Fix, please open a new thread on the subject.

 

Norton Internet Security 2011 / Norton 360 5.0 toolbar toolbar does not load on Firefox 4:

– NIS 2011 (hotfix available)

– N360 v5 (hotfix available)


 

Fixes

 

The following fixes are included in the Norton Internet Security / Norton AntiVirus 18.5 (2011.5) release (available in the Norton Update Center):

 

– Fixed an issue where Norton Insight might falsely report 0% trusted when Performance Monitoring was disabled. (Discussed Here)

– Fixed an issue with the Activity Map might not update when Smart Definitions are enabled. (Discussed Here)

– Improved instances where the Norton AntiSpam Toolbar might be erroneously disabled (or “grayed out”) in Microsoft Outlook 2007 and Microsoft Outlook 2010. (Discussed Here)

– Corrected an issue where “Custom UI Runtime Error in Norton AntiSpam Outlook Plugin” might display when using Microsoft Outlook. (Discussed Here)

– Fixed an issue where the option to “run” an executable was missing from a File Insight/Download Insight window. (Discussed Here)

– Corrected an issue where Idle Full System Scans would show report inconsistent amounts of Scanned Files. (Discussed Here)

– Fixed an issue where Full System Scans would not run continuously, including when the machine is left idle.

– Fixed an issue where the Norton Product may display “Subscription Expired” after updating from a previous version.

– Fixed Internet Explorer crashes that were due to Intrusion Prevention. 

– Performance Enhancements were made on the Norton Toolbar for Internet Explorer 9 Beta. 

– Enhanced Settings migration when updating from an older version.

– Usability and Performance improvements to the support experience. 

– Added better Norton AntiSpam support for Microsoft Outlook configured with multiple accounts. 

– Corrected a few instances of 8504 errors that may appear when the Norton product is launched. 

– Fixed a Registry Leak issue that may occur during shutdown. (Discussed Here)