CVE-2007-1476

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:3.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*

History

21 Nov 2024, 00:28

Type Values Removed Values Added
References () http://marc.info/?l=full-disclosure&m=117396596027148&w=2 - () http://marc.info/?l=full-disclosure&m=117396596027148&w=2 -
References () http://osvdb.org/35088 - () http://osvdb.org/35088 -
References () http://securityreason.com/securityalert/2438 - () http://securityreason.com/securityalert/2438 -
References () http://securitytracker.com/id?1018656 - () http://securitytracker.com/id?1018656 -
References () http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php - Vendor Advisory () http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php - Vendor Advisory
References () http://www.securityfocus.com/archive/1/462926/100/0/threaded - () http://www.securityfocus.com/archive/1/462926/100/0/threaded -
References () http://www.securityfocus.com/bid/22977 - () http://www.securityfocus.com/bid/22977 -
References () http://www.symantec.com/avcenter/security/Content/2007.09.05.html - () http://www.symantec.com/avcenter/security/Content/2007.09.05.html -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/33003 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/33003 -

Information

Published : 2007-03-16 21:19

Updated : 2024-11-21 00:28


NVD link : CVE-2007-1476

Mitre link : CVE-2007-1476

CVE.ORG link : CVE-2007-1476


JSON object : View

Products Affected

symantec

  • norton_antispam
  • norton_antivirus
  • client_security
  • norton_internet_security
  • norton_system_works
  • norton_personal_firewall
CWE
CWE-20

Improper Input Validation