The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.

Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard m