Vulnerability CVE-2006-4927


Published: 2006-10-10   Modified: 2012-02-12

Description:
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Symantec Antivirus Engine Privilege Escalation
Rubn Santamarta
10.10.2006

Type:

CWE-Other

Vendor: Symantec
Product: Naveng driver 
Product: Navex15 driver 

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://securityreason.com/securityalert/1690
http://securitytracker.com/id?1016994
http://securitytracker.com/id?1016995
http://securitytracker.com/id?1016996
http://securitytracker.com/id?1016997
http://securitytracker.com/id?1016998
http://securitytracker.com/id?1016999
http://securitytracker.com/id?1017000
http://securitytracker.com/id?1017001
http://securitytracker.com/id?1017002
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417
http://www.kb.cert.org/vuls/id/946820
http://www.securityfocus.com/archive/1/447849/100/0/threaded
http://www.securityfocus.com/bid/20360
http://www.symantec.com/avcenter/security/Content/2006.10.05a.html
http://www.vupen.com/english/advisories/2006/3928
https://exchange.xforce.ibmcloud.com/vulnerabilities/29360

Related CVE
CVE-2019-9694
Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that...
CVE-2019-9696
Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting v...
CVE-2018-18364
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of...
CVE-2018-12245
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note ...
CVE-2018-12239
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) pr...
CVE-2018-12238
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) pr...
CVE-2018-12243
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. Th...
CVE-2018-12242
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the s...

Copyright 2019, cxsecurity.com

 

Back to Top