Lucene search

[email protected]NVD:CVE-2006-3455

HistoryOct 23, 2006 - 8:07 p.m.

CVE-2006-3455

2006-10-2320:07:00

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Affected configurations

NVD

Node

symantecclient_securityMatch1.1

symantecclient_securityMatch1.1.1

symantecclient_securityMatch1.1.1_build_393

symantecclient_securityMatch1.1.1_mr1_build_8.1.1.314a

symantecclient_securityMatch1.1.1_mr2_build_8.1.1.319

symantecclient_securityMatch1.1.1_mr3_build_8.1.1.323

symantecclient_securityMatch1.1.1_mr4_build_8.1.1.329

symantecclient_securityMatch1.1.1_mr5_build_8.1.1.336

symantecclient_securityMatch1.1.1_mr6_b8.1.1.266

symantecclient_securityMatch1.1_stm_b8.1.0.825a

symantecclient_securityMatch2.0

symantecclient_securityMatch2.0.1

symantecclient_securityMatch2.0.1_build_9.0.1.1000mr1

symantecclient_securityMatch2.0.2

symantecclient_securityMatch2.0.2_build_9.0.2.1000mr2

symantecclient_securityMatch2.0.3

symantecclient_securityMatch2.0.3_build_9.0.3.1000mr3

symantecclient_securityMatch2.0_scf_7.1

symantecclient_securityMatch2.0_stm_build_9.0.0.338

symantecnorton_antivirusMatch8.1corporate

symantecnorton_antivirusMatch8.1.0.825acorporate

symantecnorton_antivirusMatch8.1.1corporate

symantecnorton_antivirusMatch8.1.1.319corporate

symantecnorton_antivirusMatch8.1.1.323corporate

symantecnorton_antivirusMatch8.1.1.329corporate

symantecnorton_antivirusMatch8.1.1.366corporate

symantecnorton_antivirusMatch8.1.1.377corporate

symantecnorton_antivirusMatch8.1.1_build8.1.1.314acorporate

symantecnorton_antivirusMatch8.1.1_build393corporate

symantecnorton_antivirusMatch8.01.434corporate

symantecnorton_antivirusMatch8.01.437corporate

symantecnorton_antivirusMatch8.01.446corporate

symantecnorton_antivirusMatch8.01.457corporate

symantecnorton_antivirusMatch8.01.460corporate

symantecnorton_antivirusMatch8.01.464corporate

symantecnorton_antivirusMatch8.01.471corporate

symantecnorton_antivirusMatch9.0.1corporate

symantecnorton_antivirusMatch9.0.1.1.1000corporate

symantecnorton_antivirusMatch9.0.1.1000corporate

symantecnorton_antivirusMatch9.0.2corporate

symantecnorton_antivirusMatch9.0.2.1000corporate

References

secunia.com/advisories/22536

securitytracker.com/id?1017108

securitytracker.com/id?1017109

www.securityfocus.com/archive/1/449524/100/0/threaded

www.securityfocus.com/bid/20684

www.symantec.com/avcenter/security/Content/2006.10.23.html

www.vupen.com/english/advisories/2006/4157

exchange.xforce.ibmcloud.com/vulnerabilities/29762

4.3 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

Related for NVD:CVE-2006-3455

securityvulns1 symantec1 cvelist1 cve1