CVE-2007-5047

The vulnerability CVE-2007-5047 affects Norton Internet Security 2008 (build 15.0.0.60) where NtOpenSection SSDT hooks are not properly validating parameters passed to SSDT function handlers, enabling local users to trigger a crash (DoS) and potentially gain privileges via the kernel NtOpenSectio...

Code injection

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service crash or possibly execute arbitrary code via crafted arguments to the 1...

[Full-disclosure] Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability

Hello, We would like to inform you about a vulnerability in Symantec Norton products. Description: Symantec Norton Personal Firewall hooks many functions in SSDT and in at least two cases it fails to validate arguments that come from the user mode. User calls to NtCreateMutant and NtOpenEvent wit...

Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service

// source: https://www.securityfocus.com/bid/23241/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'SPBBCDrv.sys' driver. A local attacker may exploit this issue to crash affected computer...