The flaw, which resides within Symantec's Norton AntiVirus 2004 application, could let attackers run code of their choice on a user's system, launch unauthorized pop-ups, or even create a denial ...

The bug affects the "EarthAgent.exe" daemon on TCP port 3628, and an attacker could exploit it by sending malicious code to a server with ServerProtect installed, according to Symantec.