1. CVE-Search
  2. CVE-2006-3455
ID CVE-2006-3455
Summary The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-10-2018 - 16:47)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:S/C:P/I:P/A:P
refmap via4
bid 20684
bugtraq 20061023 Symantec Product Security: Symantec Device Driver Elevation of Privileg
confirm http://www.symantec.com/avcenter/security/Content/2006.10.23.html
sectrack
  • 1017108
  • 1017109
secunia 22536
vupen ADV-2006-4157
xf symantec-savrt-privilege-escalation(29762)
Last major update 18-10-2018 - 16:47
Published 23-10-2006 - 20:07
Last modified 18-10-2018 - 16:47
Back to Top