Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3455

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3455
Last Modified 07 Mar 2011 09:38:40
Published 23 Oct 2006 04:07:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-3455

Summary

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Vulnerable Systems

Application

  • Symantec Client Security 1.1

  • Symantec Client Security 1.1 Stm B8.1.0.825a

  • Symantec Client Security 1.1.1

  • Symantec Client Security 1.1.1 Build 393

  • Symantec Client Security 1.1.1 Mr1 Build 8.1.1.314a

  • Symantec Client Security 1.1.1 Mr2 Build 8.1.1.319

  • Symantec Client Security 1.1.1 Mr3 Build 8.1.1.323

  • Symantec Client Security 1.1.1 Mr4 Build 8.1.1.329

  • Symantec Client Security 1.1.1 Mr5 Build 8.1.1.336

  • Symantec Client Security 1.1.1 Mr6 B8.1.1.266

  • Symantec Client Security 2.0

  • Symantec Client Security 2.0 Scf 7.1

  • Symantec Client Security 2.0 Stm Build 9.0.0.338

  • Symantec Client Security 2.0.1

  • Symantec Client Security 2.0.1 Build 9.0.1.1000

  • Symantec Client Security 2.0.2

  • Symantec Client Security 2.0.2 Build 9.0.2.1000

  • Symantec Client Security 2.0.3

  • Symantec Client Security 2.0.3 Build 9.0.3.1000

  • Symantec Norton Antivirus 8.01.434

  • Symantec Norton Antivirus 8.01.437

  • Symantec Norton Antivirus 8.01.446

  • Symantec Norton Antivirus 8.01.457

  • Symantec Norton Antivirus 8.01.460

  • Symantec Norton Antivirus 8.01.464

  • Symantec Norton Antivirus 8.01.471

  • Symantec Norton Antivirus 8.1

  • Symantec Norton Antivirus 8.1.0.825a

  • Symantec Norton Antivirus 8.1.1

  • Symantec Norton Antivirus 8.1.1 Build393

  • Symantec Norton Antivirus 8.1.1 Build8.1.1.314a

  • Symantec Norton Antivirus 8.1.1.319

  • Symantec Norton Antivirus 8.1.1.323

  • Symantec Norton Antivirus 8.1.1.329

  • Symantec Norton Antivirus 8.1.1.366

  • Symantec Norton Antivirus 8.1.1.377

  • Symantec Norton Antivirus 9.0.1

  • Symantec Norton Antivirus 9.0.1.1.1000

  • Symantec Norton Antivirus 9.0.1.1000

  • Symantec Norton Antivirus 9.0.2

  • Symantec Norton Antivirus 9.0.2.1000


References

CONFIRM - http://www.symantec.com/avcenter/security/Content/2006.10.23.html

VUPEN - ADV-2006-4157

XF - symantec-savrt-privilege-escalation(29762)

BID - 20684

BUGTRAQ - 20061023 Symantec Product Security: Symantec Device Driver Elevation of Privileg

SECTRACK - 1017109

SECTRACK - 1017108

SECUNIA - 22536


Last Updated: 27 May 2016 10:43:01