SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before they are passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
Configurations
History
21 Nov 2024, 00:29
Type | Values Removed | Values Added |
---|---|---|
References | http://osvdb.org/34692 | |
References | http://secunia.com/advisories/24677 - Vendor Advisory | |
References | http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html | |
References | http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php - Vendor Advisory | |
References | http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php | |
References | http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php | |
References | http://www.securityfocus.com/archive/1/464456/100/0/threaded | |
References | http://www.securityfocus.com/archive/1/479830/100/0/threaded | |
References | http://www.securityfocus.com/bid/23241 - Exploit | |
References | http://www.securitytracker.com/id?1017837 - Patch | |
References | http://www.securitytracker.com/id?1017838 - Patch | |
References | http://www.securitytracker.com/id?1021386 | |
References | http://www.securitytracker.com/id?1021387 | |
References | http://www.securitytracker.com/id?1021388 | |
References | http://www.securitytracker.com/id?1021389 | |
References | http://www.vupen.com/english/advisories/2007/1192 - Vendor Advisory | |
References | https://exchange.xforce.ibmcloud.com/vulnerabilities/33352 | |
Information
Published : 2007-04-02 22:19
Updated : 2024-11-21 00:29
NVD link : CVE-2007-1793
Mitre link : CVE-2007-1793
CVE.ORG link : CVE-2007-1793
Products Affected
symantec
- norton_antispam
- norton_antivirus
- antivirus
- client_security
- norton_internet_security
- norton_360
- norton_system_works
- norton_personal_firewall
CWE
CWE-20
Improper Input Validation