ID CVE-2006-4855
Summary The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 17-10-2018 - 21:39)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 20051
bugtraq 20060915 Symantec Norton Insufficient validation of 'SymEvent' driver input buffer
confirm http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html
misc http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php
sectrack
  • 1016889
  • 1016892
  • 1016893
  • 1016894
  • 1016895
  • 1016896
  • 1016897
  • 1016898
secunia 21938
sreason 1591
vupen ADV-2006-3636
xf symantec-firewall-symevent-dos(28960)
Last major update 17-10-2018 - 21:39
Published 19-09-2006 - 18:07
Last modified 17-10-2018 - 21:39
Back to Top