1. CVE-Search
  2. CVE-2006-4802
ID CVE-2006-4802
Summary Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
CVSS
Base: 4.6 (as of 17-10-2018 - 21:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 19986
bugtraq 20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition
confirm http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
sectrack 1016842
secunia 21884
xf symantecantivirus-alert-dos(28937)
Last major update 17-10-2018 - 21:39
Published 14-09-2006 - 22:07
Last modified 17-10-2018 - 21:39
Back to Top