Norton Insufficient protection of Norton service registry keys

2006.07.24

Credit: David Matousek

Risk: Medium

Local: Yes

Remote: No

CVE: CVE-2006-3725

CWE: CWE-Other

CVSS Base Score: 2.1/10

Impact Subscore: 2.9/10

Exploitability Subscore: 3.9/10

Exploit range: Local

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

Hello,

I would like to inform you about a vulnerability in the driver of Norton Personal Firewall component
found by Matousec - Transparent security. Detailed information is available here
http://www.matousec.com/info/advisories/Norton-Insufficient-protection-o
f-Norton-service-registry-keys.php

-- 
David Matousek

Founder and Chief Representative of Matousec - Transparent security
http://www.matousec.com/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Norton Insufficient protection of Norton service registry keys

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.