CVE-2006-4927

The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.
References
Link Resource
http://secunia.com/advisories/22288 Patch Vendor Advisory
http://securityreason.com/securityalert/1690
http://securitytracker.com/id?1016994 Exploit Patch
http://securitytracker.com/id?1016995 Exploit Patch
http://securitytracker.com/id?1016996 Exploit Patch
http://securitytracker.com/id?1016997 Exploit Patch
http://securitytracker.com/id?1016998 Exploit Patch
http://securitytracker.com/id?1016999 Exploit Patch
http://securitytracker.com/id?1017000 Exploit Patch
http://securitytracker.com/id?1017001 Exploit Patch
http://securitytracker.com/id?1017002 Exploit Patch
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/946820 US Government Resource
http://www.securityfocus.com/archive/1/447849/100/0/threaded
http://www.securityfocus.com/bid/20360 Exploit Patch
http://www.symantec.com/avcenter/security/Content/2006.10.05a.html Patch
http://www.vupen.com/english/advisories/2006/3928
https://exchange.xforce.ibmcloud.com/vulnerabilities/29360
http://secunia.com/advisories/22288 Patch Vendor Advisory
http://securityreason.com/securityalert/1690
http://securitytracker.com/id?1016994 Exploit Patch
http://securitytracker.com/id?1016995 Exploit Patch
http://securitytracker.com/id?1016996 Exploit Patch
http://securitytracker.com/id?1016997 Exploit Patch
http://securitytracker.com/id?1016998 Exploit Patch
http://securitytracker.com/id?1016999 Exploit Patch
http://securitytracker.com/id?1017000 Exploit Patch
http://securitytracker.com/id?1017001 Exploit Patch
http://securitytracker.com/id?1017002 Exploit Patch
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/946820 US Government Resource
http://www.securityfocus.com/archive/1/447849/100/0/threaded
http://www.securityfocus.com/bid/20360 Exploit Patch
http://www.symantec.com/avcenter/security/Content/2006.10.05a.html Patch
http://www.vupen.com/english/advisories/2006/3928
https://exchange.xforce.ibmcloud.com/vulnerabilities/29360
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:naveng_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:navex15_driver:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:17

Type Values Removed Values Added
References () http://secunia.com/advisories/22288 - Patch, Vendor Advisory () http://secunia.com/advisories/22288 - Patch, Vendor Advisory
References () http://securityreason.com/securityalert/1690 - () http://securityreason.com/securityalert/1690 -
References () http://securitytracker.com/id?1016994 - Exploit, Patch () http://securitytracker.com/id?1016994 - Exploit, Patch
References () http://securitytracker.com/id?1016995 - Exploit, Patch () http://securitytracker.com/id?1016995 - Exploit, Patch
References () http://securitytracker.com/id?1016996 - Exploit, Patch () http://securitytracker.com/id?1016996 - Exploit, Patch
References () http://securitytracker.com/id?1016997 - Exploit, Patch () http://securitytracker.com/id?1016997 - Exploit, Patch
References () http://securitytracker.com/id?1016998 - Exploit, Patch () http://securitytracker.com/id?1016998 - Exploit, Patch
References () http://securitytracker.com/id?1016999 - Exploit, Patch () http://securitytracker.com/id?1016999 - Exploit, Patch
References () http://securitytracker.com/id?1017000 - Exploit, Patch () http://securitytracker.com/id?1017000 - Exploit, Patch
References () http://securitytracker.com/id?1017001 - Exploit, Patch () http://securitytracker.com/id?1017001 - Exploit, Patch
References () http://securitytracker.com/id?1017002 - Exploit, Patch () http://securitytracker.com/id?1017002 - Exploit, Patch
References () http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 - Patch, Vendor Advisory () http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 - Patch, Vendor Advisory
References () http://www.kb.cert.org/vuls/id/946820 - US Government Resource () http://www.kb.cert.org/vuls/id/946820 - US Government Resource
References () http://www.securityfocus.com/archive/1/447849/100/0/threaded - () http://www.securityfocus.com/archive/1/447849/100/0/threaded -
References () http://www.securityfocus.com/bid/20360 - Exploit, Patch () http://www.securityfocus.com/bid/20360 - Exploit, Patch
References () http://www.symantec.com/avcenter/security/Content/2006.10.05a.html - Patch () http://www.symantec.com/avcenter/security/Content/2006.10.05a.html - Patch
References () http://www.vupen.com/english/advisories/2006/3928 - () http://www.vupen.com/english/advisories/2006/3928 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29360 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/29360 -

Information

Published : 2006-10-10 04:06

Updated : 2024-11-21 00:17


NVD link : CVE-2006-4927

Mitre link : CVE-2006-4927

CVE.ORG link : CVE-2006-4927


JSON object : View

Products Affected

symantec

  • navex15_driver
  • naveng_driver