Vulnerability CVE-2007-1476


Published: 2007-03-16   Modified: 2012-02-12

Description:
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Norton Insufficient validation of \'SymTDI\' driver input buffer
Matousec - Trans...
21.03.2007

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:L/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
1.9/10
2.9/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Symantec -> Client security 
Symantec -> Norton antispam 
Symantec -> Norton antivirus 
Symantec -> Norton internet security 
Symantec -> Norton personal firewall 
Symantec -> Norton system works 

 References:
http://marc.info/?l=full-disclosure&m=117396596027148&w=2
http://securityreason.com/securityalert/2438
http://securitytracker.com/id?1018656
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php
http://www.securityfocus.com/archive/1/462926/100/0/threaded
http://www.securityfocus.com/bid/22977
http://www.symantec.com/avcenter/security/Content/2007.09.05.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/33003

Copyright 2024, cxsecurity.com

 

Back to Top