[email protected]CVE-2006-4927

HistoryOct 10, 2006 - 4:06 a.m.

CVE-2006-4927

2006-10-1004:06:00

[email protected]

web.nvd.nist.gov

symantec

antivirus

security

drivers

local users

privileges

nvd

cve-2006-4927

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.

Affected configurations

NVD

Node

symantecnaveng_driver

symantecnavex15_driver

CPENameOperatorVersion
symantec:naveng_driversymantec naveng drivereq*
symantec:navex15_driversymantec navex15 drivereq*

CPE	Name	Operator	Version
symantec:naveng_driver	symantec naveng driver	eq	*
symantec:navex15_driver	symantec navex15 driver	eq	*

References

secunia.com/advisories/22288

securityreason.com/securityalert/1690

securitytracker.com/id?1016994

securitytracker.com/id?1016995

securitytracker.com/id?1016996

securitytracker.com/id?1016997

securitytracker.com/id?1016998

securitytracker.com/id?1016999

securitytracker.com/id?1017000

securitytracker.com/id?1017001

securitytracker.com/id?1017002

www.idefense.com/intelligence/vulnerabilities/display.php?id=417

www.kb.cert.org/vuls/id/946820

www.securityfocus.com/archive/1/447849/100/0/threaded

www.securityfocus.com/bid/20360

www.symantec.com/avcenter/security/Content/2006.10.05a.html

www.vupen.com/english/advisories/2006/3928

exchange.xforce.ibmcloud.com/vulnerabilities/29360

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

Related for CVE-2006-4927

cert1 cvelist1 nvd1 securityvulns1