MitreCVELIST:CVE-2006-4927CVE-2006-4927
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.
References
secunia.com/advisories/22288
securityreason.com/securityalert/1690
securitytracker.com/id?1016994
securitytracker.com/id?1016995
securitytracker.com/id?1016996
securitytracker.com/id?1016997
securitytracker.com/id?1016998
securitytracker.com/id?1016999
securitytracker.com/id?1017000
securitytracker.com/id?1017001
securitytracker.com/id?1017002
www.idefense.com/intelligence/vulnerabilities/display.php?id=417
www.kb.cert.org/vuls/id/946820
www.securityfocus.com/archive/1/447849/100/0/threaded
www.securityfocus.com/bid/20360
www.symantec.com/avcenter/security/Content/2006.10.05a.html
www.vupen.com/english/advisories/2006/3928
exchange.xforce.ibmcloud.com/vulnerabilities/29360
Related
