Lucene search

[email protected]NVD:CVE-2006-4855

HistorySep 19, 2006 - 6:07 p.m.

CVE-2006-4855

2006-09-1918:07:00

CWE-399

[email protected]

web.nvd.nist.gov

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

Affected configurations

NVD

Node

symantecclient_securityMatch1.0

symantecclient_securityMatch1.0.0_b8.01.9378

symantecclient_securityMatch1.0.1

symantecclient_securityMatch1.0.1_build_8.01.425amr1

symantecclient_securityMatch1.0.1_build_8.01.429cmr2

symantecclient_securityMatch1.0.1_build_8.01.434mr3

symantecclient_securityMatch1.0.1_build_8.01.437

symantecclient_securityMatch1.0.1_build_8.01.446mr4

symantecclient_securityMatch1.0.1_build_8.01.457mr5

symantecclient_securityMatch1.0.1_build_8.01.460mr6

symantecclient_securityMatch1.0.1_build_8.01.464mr7

symantecclient_securityMatch1.0.1_build_8.01.471mr8

symantecclient_securityMatch1.0.1_build_8.01.501mr9

symantecclient_securityMatch1.0_build_8.01.9374

symantecclient_securityMatch1.1

symantecclient_securityMatch1.1.1

symantecclient_securityMatch1.1.1_build_393

symantecclient_securityMatch1.1.1_mr1_build_8.1.1.314a

symantecclient_securityMatch1.1.1_mr2_build_8.1.1.319

symantecclient_securityMatch1.1.1_mr3_build_8.1.1.323

symantecclient_securityMatch1.1.1_mr4_build_8.1.1.329

symantecclient_securityMatch1.1.1_mr5_build_8.1.1.336

symantecclient_securityMatch1.1.1_mr6_b8.1.1.266

symantecclient_securityMatch1.1_stm_b8.1.0.825a

symantecclient_securityMatch2.0

symantecclient_securityMatch2.0.1_build_9.0.1.1000mr1

symantecclient_securityMatch2.0.2_build_9.0.2.1000mr2

symantecclient_securityMatch2.0.3_build_9.0.3.1000mr3

symantecclient_securityMatch2.0.5_build_1100

symantecclient_securityMatch2.0_scf_7.1

symantecclient_securityMatch2.0_stm_build_9.0.0.338

symantecclient_securityMatch3.0

symantecclient_securityMatch3.1

symantechost_ids

symantecnorton_antivirusMatch2.1ms_exchange

symantecnorton_antivirusMatch8.0corporate

symantecnorton_antivirusMatch8.0.1corporate

symantecnorton_antivirusMatch8.0.1.425acorporate

symantecnorton_antivirusMatch8.0.1.425ccorporate

symantecnorton_antivirusMatch8.0.1.501corporate

symantecnorton_antivirusMatch8.0.1.9374corporate

symantecnorton_antivirusMatch8.0.1.9378corporate

symantecnorton_antivirusMatch8.1corporate

symantecnorton_antivirusMatch8.1.0.825acorporate

symantecnorton_antivirusMatch8.1.1corporate

symantecnorton_antivirusMatch8.1.1.319corporate

symantecnorton_antivirusMatch8.1.1.323corporate

symantecnorton_antivirusMatch8.1.1.329corporate

symantecnorton_antivirusMatch8.1.1.366corporate

symantecnorton_antivirusMatch8.1.1.377corporate

symantecnorton_antivirusMatch8.1.1_build8.1.1.314acorporate

symantecnorton_antivirusMatch8.1.1_build393corporate

symantecnorton_antivirusMatch8.01.434corporate

symantecnorton_antivirusMatch8.01.437corporate

symantecnorton_antivirusMatch8.01.446corporate

symantecnorton_antivirusMatch8.01.457corporate

symantecnorton_antivirusMatch8.01.460corporate

symantecnorton_antivirusMatch8.01.464corporate

symantecnorton_antivirusMatch8.01.471corporate

symantecnorton_antivirusMatch9.0corporate

symantecnorton_antivirusMatch9.0.0.338corporate

symantecnorton_antivirusMatch9.0.1.1.1000corporate

symantecnorton_antivirusMatch9.0.2.1000corporate

symantecnorton_antivirusMatch9.0.3.1000corporate

symantecnorton_antivirusMatch9.0.4corporate

symantecnorton_antivirusMatch9.0.5corporate

symantecnorton_antivirusMatch9.0.5.1100corporate

symantecnorton_antivirusMatch10.0corporate

symantecnorton_antivirusMatch10.0.2.2000corporate

symantecnorton_antivirusMatch10.0.2.2001corporate

symantecnorton_antivirusMatch10.0.2.2002corporate

symantecnorton_antivirusMatch10.0.2.2010corporate

symantecnorton_antivirusMatch10.0.2.2011corporate

symantecnorton_antivirusMatch10.0.2.2020corporate

symantecnorton_antivirusMatch10.0.2.2021corporate

symantecnorton_antivirusMatch10.1corporate

symantecnorton_antivirusMatch2003

symantecnorton_antivirusMatch2003professional

symantecnorton_antivirusMatch2004professional

symantecnorton_antivirusMatch2005

symantecnorton_antivirusMatch2006

symantecnorton_antivirusMatch2007

symantecnorton_internet_securityMatch2003

symantecnorton_internet_securityMatch2003professional

symantecnorton_internet_securityMatch2004

symantecnorton_internet_securityMatch2004professional

symantecnorton_internet_securityMatch2005

symantecnorton_internet_securityMatch2005professional

symantecnorton_internet_securityMatch2006professional

symantecnorton_internet_securityMatch2007

symantecnorton_personal_firewallMatch2003

symantecnorton_personal_firewallMatch2004

symantecnorton_personal_firewallMatch2005

symantecnorton_personal_firewallMatch2006

symantecnorton_system_worksMatch2003_professional_edition

symantecnorton_system_worksMatch2004

symantecnorton_system_worksMatch2004_professional_edition

symantecnorton_system_worksMatch2005

symantecnorton_system_worksMatch2005_premier

symantecnorton_system_worksMatch2006

symantecpcanywhereMatch11.5

References

secunia.com/advisories/21938

securityreason.com/securityalert/1591

securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html

securitytracker.com/id?1016889

securitytracker.com/id?1016892

securitytracker.com/id?1016893

securitytracker.com/id?1016894

securitytracker.com/id?1016895

securitytracker.com/id?1016896

securitytracker.com/id?1016897

securitytracker.com/id?1016898

www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php

www.securityfocus.com/archive/1/446111/100/0/threaded

www.securityfocus.com/bid/20051

www.vupen.com/english/advisories/2006/3636

exchange.xforce.ibmcloud.com/vulnerabilities/28960

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2006-4855

cve3 securityvulns2 cvelist3 prion2 nvd2