CVE-2007-1793

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
Link Resource
http://osvdb.org/34692
http://secunia.com/advisories/24677 Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php Vendor Advisory
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
http://www.securityfocus.com/archive/1/464456/100/0/threaded
http://www.securityfocus.com/archive/1/479830/100/0/threaded
http://www.securityfocus.com/bid/23241 Exploit
http://www.securitytracker.com/id?1017837 Patch
http://www.securitytracker.com/id?1017838 Patch
http://www.securitytracker.com/id?1021386
http://www.securitytracker.com/id?1021387
http://www.securitytracker.com/id?1021388
http://www.securitytracker.com/id?1021389
http://www.vupen.com/english/advisories/2007/1192 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352
http://osvdb.org/34692
http://secunia.com/advisories/24677 Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php Vendor Advisory
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
http://www.securityfocus.com/archive/1/464456/100/0/threaded
http://www.securityfocus.com/archive/1/479830/100/0/threaded
http://www.securityfocus.com/bid/23241 Exploit
http://www.securitytracker.com/id?1017837 Patch
http://www.securitytracker.com/id?1017838 Patch
http://www.securitytracker.com/id?1021386
http://www.securitytracker.com/id?1021387
http://www.securitytracker.com/id?1021388
http://www.securitytracker.com/id?1021389
http://www.vupen.com/english/advisories/2007/1192 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*

History

21 Nov 2024, 00:29

Type Values Removed Values Added
References () http://osvdb.org/34692 - () http://osvdb.org/34692 -
References () http://secunia.com/advisories/24677 - Vendor Advisory () http://secunia.com/advisories/24677 - Vendor Advisory
References () http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html - () http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html -
References () http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php - Vendor Advisory () http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php - Vendor Advisory
References () http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php - () http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php -
References () http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php - () http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php -
References () http://www.securityfocus.com/archive/1/464456/100/0/threaded - () http://www.securityfocus.com/archive/1/464456/100/0/threaded -
References () http://www.securityfocus.com/archive/1/479830/100/0/threaded - () http://www.securityfocus.com/archive/1/479830/100/0/threaded -
References () http://www.securityfocus.com/bid/23241 - Exploit () http://www.securityfocus.com/bid/23241 - Exploit
References () http://www.securitytracker.com/id?1017837 - Patch () http://www.securitytracker.com/id?1017837 - Patch
References () http://www.securitytracker.com/id?1017838 - Patch () http://www.securitytracker.com/id?1017838 - Patch
References () http://www.securitytracker.com/id?1021386 - () http://www.securitytracker.com/id?1021386 -
References () http://www.securitytracker.com/id?1021387 - () http://www.securitytracker.com/id?1021387 -
References () http://www.securitytracker.com/id?1021388 - () http://www.securitytracker.com/id?1021388 -
References () http://www.securitytracker.com/id?1021389 - () http://www.securitytracker.com/id?1021389 -
References () http://www.vupen.com/english/advisories/2007/1192 - Vendor Advisory () http://www.vupen.com/english/advisories/2007/1192 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/33352 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/33352 -

Information

Published : 2007-04-02 22:19

Updated : 2024-11-21 00:29


NVD link : CVE-2007-1793

Mitre link : CVE-2007-1793

CVE.ORG link : CVE-2007-1793


JSON object : View

Products Affected

symantec

  • norton_antispam
  • norton_antivirus
  • antivirus
  • client_security
  • norton_internet_security
  • norton_360
  • norton_system_works
  • norton_personal_firewall
CWE
CWE-20

Improper Input Validation