ID CVE-2007-2359
Summary Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_ghost:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_ghost:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:*
    cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:*
    cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_ghost:10.01:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_ghost:10.01:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_save_and_recovery:1.01:*:sony_euro:*:*:*:*:*
    cpe:2.3:a:symantec:norton_save_and_recovery:1.01:*:sony_euro:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:*:norton_system_works_2007:*:*:*:*:*
    cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:*:norton_system_works_2007:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_save_and_recovery:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.01:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_save_and_recovery:11.01:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.01b:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_save_and_recovery:11.01b:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
confirm http://www.symantec.com/avcenter/security/Content/2007.04.26.html
idefense 20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability
sectrack 1017971
secunia 25013
vupen ADV-2007-1552
xf symantec-backup-unspecified-bo(33931)
Last major update 29-07-2017 - 01:31
Published 30-04-2007 - 22:19
Back to Top