Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1310

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2003-1310
Last Modified 05 Sep 2008 04:36:36
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-1310

Summary

The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").

Vulnerable Systems

Application

  • Symantec Norton Antivirus 2002

  • Symantec Norton Antivirus 2003


References

XF - device-driver-gain-privileges(12824)

BID - 8329

OSVDB - 4362

SECUNIA - 9460


Last Updated: 27 May 2016 10:38:18