CVE-2006-0166

Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/18402	Patch Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html	Patch Vendor Advisory
http://securitytracker.com/id?1015462	Patch
http://www.vupen.com/english/advisories/2006/0143
https://exchange.xforce.ibmcloud.com/vulnerabilities/24061

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:norton_system_works:2005:::::::*
	cpe:2.3:a:symantec:norton_system_works:2005_premier:::::::*
	cpe:2.3:a:symantec:norton_system_works:2006:::::::*
	cpe:2.3:a:symantec:norton_system_works:2006_premier:::::::*

History

No history.

Information

Published : 2006-01-11 21:03

Updated : 2024-02-28 10:42

NVD link : CVE-2006-0166

Mitre link : CVE-2006-0166

CVE.ORG link : CVE-2006-0166

JSON object : View

Products Affected

symantec

norton_system_works

CWE

NVD-CWE-Other

{"id": "CVE-2006-0166", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-01-11T21:03:00.000", "references": [{"url": "http://secunia.com/advisories/18402", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015462", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0143", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24061", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products."}], "lastModified": "2017-07-20T01:29:30.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2"}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5E481D2-87F3-4912-BB87-5168C6A1BE23"}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F"}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2006_premier:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07ED984C-BDE4-4CF6-ACBE-2D2FC01B5BDA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}