The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:13
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/22536 - | |
References | () http://securitytracker.com/id?1017108 - | |
References | () http://securitytracker.com/id?1017109 - | |
References | () http://www.securityfocus.com/archive/1/449524/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/20684 - | |
References | () http://www.symantec.com/avcenter/security/Content/2006.10.23.html - Patch | |
References | () http://www.vupen.com/english/advisories/2006/4157 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/29762 - |
Information
Published : 2006-10-23 20:07
Updated : 2024-11-21 00:13
NVD link : CVE-2006-3455
Mitre link : CVE-2006-3455
CVE.ORG link : CVE-2006-3455
JSON object : View
Products Affected
symantec
- norton_antivirus
- client_security
CWE