Symantec’s Norton Internet Security product is being under attack. The bug enables a remote hacker to take over the system.

The US CERT announced that the bug could also allow a hacker to cause a victim's browser to crash. Even tough vulnerabilities that enable remote control of a system frequently are considered critical bugs the Security Company called the flaw a medium risk.

According to a Symantec advisory, an ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains buffer overflow vulnerability. Researchers at the U.S.-CERT notified Symantec of the vulnerability.

Symantec has provided fixes for the flaw through product updates that are available through LiveUpdate.The Company reported in its advisory that its researchers haven't seen any exploits of the bug circulating on the Internet.

Symantec's Norton Internet Security product is a Windows-based system that includes antivirus, firewall, intrusion detection, and privacy protection, along with spam and content filtering. An ActiveX control is a set of rules for how applications share information