7.5 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.3%
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
secunia.com/advisories/22536
securitytracker.com/id?1017108
securitytracker.com/id?1017109
www.securityfocus.com/archive/1/449524/100/0/threaded
www.securityfocus.com/bid/20684
www.symantec.com/avcenter/security/Content/2006.10.23.html
www.vupen.com/english/advisories/2006/4157
exchange.xforce.ibmcloud.com/vulnerabilities/29762