CVE-2006-4927
CVE-2006-4927 concerns local privilege escalation in Symantec AntiVirus products due to improper address-space validation in NAVENG.SYS and NAVEX15.SYS device drivers. The vulnerability stems from processing IOCTLs 0x222AD3, 0x222AD7, and 0x222ADB, where a crafted IRP could overwrite a user-suppl...