likely semi-false positive "intrusion" nav05

Posted by MsOsWin@anon.com on April 8, 2006, 1:30 am
i googled and looked through nav hlp/chm for where to report feedback, but didn't find.
maybe posting here is useful.

http://www.sears.com/sr/javasr/product.do?BV_SessionID=@@@@1403426467.1144470352@@@@&BV_EngineID=ccjladdhhefgjffcegecegjdghldgfk.0&sid=I0083000660003900085&pid=04656712000&vertical=SEARS&ihtoken=1
White Kenmore Elite 25.1 cu. ft. Side-By-Side Refrigerator with Rotating Dispenser System at sears.com

nav intrusion stopped/alert when I dragged that sears page from ie6 to firefox. nav popped up from systray, i paraphrase: "(stopped intrusion attempt... click.. more info)"

info box said (as recorded in Activity Log):
-----------------------------------------


Details: Attempted Intrusion "ICC Profile TagData Overflow" against your machine was detected and blocked.
Intruder: content.sears.com(128.242.107.114)(http(80)).
Risk Level: High.
Protocol: TCP.
Attacked IP: 0.0.0.0.
Attacked Port: 2129.
Click the address to trace the attacker.


Details: Intrusion detected and blocked. All communication with 128.242.107.114 will be blocked for 30 minutes.
Click the address to trace the attacker.


Details: Internet Worm Protection Signature File Version: 3/22/2006 Rev. 78.
Internet Worm Protection Engine Version: 2.0.0.50707.



-----------------------------------------

i found few mentions on web, none in groups.

http://www.google.com/search?q=%22ICC+Profile+Tag-Data+Overflow%22
http://www.google.com/search?q=ICC+Profile+Tag-Data+Overflow


http://www.symantec.com/avcenter/attack_sigs/s21196.html
Microsoft Windows is prone to a buffer overflow vulnerability in the Color Management Module.
Memory corruption resulting from this vulnerability may allow an attacker to overwrite sensitive variables in memory such as a return address or Structured Exception Handler (SEH), allowing the attacker to influence program execution flow. This is sufficient for an attacker to execute arbitrary code.


Possible False Positives
There are no known false positives associated with this signature.


refers to:
http://www.microsoft.com/downloads/details.aspx?familyid=C5BCF2DB-ADCE-42BD-ABEE-1380F258158B&displaylang=en
Security Update for Windows XP (KB901214) 7/11/2005
this computer is kept patched, so maybe nav blocking "saved" the computer from memory wastage - i.e., not a *complete* false positive? semi-false? or bad Sears-Roebuck, bad! ?
:-)


search sym sites:
http://search.symantec.com/custom/update/query.html?qt=ICC+Profile+TagData+false+positive&context=gbh&nh=10&st=1&hitsceil=100&col=&filter=all&x=0&y=0
1001 found

more search sym's site
http://service1.symantec.com/SUPPORT/ent-brightmailkb.nsf/b5bcaffa49d3b4dd88256f400082484b/5d0964f0afa6403f88256f93008006cb?OpenDocument&src=bar_sch_nam&seg=ag
Manually submitting spam and false positive messages to the Symantec Security Response Center

not quite. try again
http://www.google.com/search?q=site%3A*.symantec.com+%7Esubmit+false+positive+intrusion+norton+%7C+antivirus+
ok, closer.

https://submit.symantec.com/false_positive/index.html
"if you believe your software has been identified as another program."
no, still not right



eventually stumbled upon
https://secure1.symantec.com/discuss/support/feedback2.nsf/product+feedback
Symantec - Product Feedback

sent...
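
The alert's signature name refers to tag data inside an ICC colour profile, the kind of blob a product image can carry. As an added example (not part of the original post and not Symantec's detection logic), this Python check validates a profile's tag table bounds, which is one way to tell whether a saved profile is structurally malformed. It assumes the ICC layout of a 128-byte header, a 4-byte tag count and 12-byte (signature, offset, size) entries; `check_icc_profile`, `build_profile` and the sample profiles are constructed for the example.

```python
import struct

HEADER_LEN = 128   # fixed-size ICC header
ENTRY_LEN = 12     # tag table entry: signature, offset, size (4 bytes each)

def check_icc_profile(data: bytes) -> list:
    """Return structural problems in the tag table; an empty list means none found."""
    if len(data) < HEADER_LEN + 4:
        return ["truncated: no room for header and tag count"]
    problems = []
    declared = struct.unpack_from(">I", data, 0)[0]
    if declared != len(data):
        problems.append(f"header says {declared} bytes, blob has {len(data)}")
    if data[36:40] != b"acsp":
        problems.append("missing 'acsp' signature at offset 36")
    count = struct.unpack_from(">I", data, HEADER_LEN)[0]
    table_end = HEADER_LEN + 4 + count * ENTRY_LEN
    if table_end > len(data):
        return problems + [f"tag count {count} runs past end of data"]
    for i in range(count):
        pos = HEADER_LEN + 4 + i * ENTRY_LEN
        sig, off, size = struct.unpack_from(">4sII", data, pos)
        name = sig.decode("latin-1")
        if off < table_end:
            problems.append(f"tag {name}: offset {off} points into header/tag table")
        if off + size > len(data):
            problems.append(f"tag {name}: data ends at {off + size}, exceeds {len(data)}")
    return problems

def build_profile(tags):
    """Constructed sample: profile from (signature, payload, claimed_size) tuples."""
    off = HEADER_LEN + 4 + len(tags) * ENTRY_LEN
    table, body = b"", b""
    for sig, payload, claimed in tags:
        table += struct.pack(">4sII", sig, off, claimed)
        body += payload
        off += len(payload)
    blob = bytearray(HEADER_LEN) + struct.pack(">I", len(tags)) + table + body
    struct.pack_into(">I", blob, 0, len(blob))
    blob[36:40] = b"acsp"
    return bytes(blob)

if __name__ == "__main__":
    ok = build_profile([(b"desc", b"\0" * 16, 16)])
    bad = build_profile([(b"desc", b"\0" * 16, 0xFFFF)])  # size field lies
    print(check_icc_profile(ok))
    print(check_icc_profile(bad))
```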
