The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:16
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/21938 - Vendor Advisory | |
References | () http://securityreason.com/securityalert/1591 - | |
References | () http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html - | |
References | () http://securitytracker.com/id?1016889 - | |
References | () http://securitytracker.com/id?1016892 - | |
References | () http://securitytracker.com/id?1016893 - | |
References | () http://securitytracker.com/id?1016894 - | |
References | () http://securitytracker.com/id?1016895 - | |
References | () http://securitytracker.com/id?1016896 - | |
References | () http://securitytracker.com/id?1016897 - | |
References | () http://securitytracker.com/id?1016898 - | |
References | () http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php - Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/446111/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/20051 - Exploit | |
References | () http://www.vupen.com/english/advisories/2006/3636 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/28960 - |
Information
Published : 2006-09-19 18:07
Updated : 2024-11-21 00:16
NVD link : CVE-2006-4855
Mitre link : CVE-2006-4855
CVE.ORG link : CVE-2006-4855
JSON object : View
Products Affected
symantec
- norton_antivirus
- client_security
- norton_internet_security
- norton_system_works
- host_ids
- pcanywhere
- norton_personal_firewall
CWE
CWE-399
Resource Management Errors