ID CVE-2007-2359
Summary Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.5
    cpe:2.3:a:symantec:backupexec_system_recovery:6.5
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.52
    cpe:2.3:a:symantec:backupexec_system_recovery:6.52
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.52a
    cpe:2.3:a:symantec:backupexec_system_recovery:6.52a
  • cpe:2.3:a:symantec:backupexec_system_recovery:6.53
    cpe:2.3:a:symantec:backupexec_system_recovery:6.53
  • Symantec LiveState Recovery 6.0
    cpe:2.3:a:symantec:livestate_recovery:6.0
  • Symantec LiveState Recovery 6.01
    cpe:2.3:a:symantec:livestate_recovery:6.01
  • Symantec LiveState Recovery 6.02
    cpe:2.3:a:symantec:livestate_recovery:6.02
  • cpe:2.3:a:symantec:norton_ghost:10.0
    cpe:2.3:a:symantec:norton_ghost:10.0
  • cpe:2.3:a:symantec:norton_ghost:10.0:-:dell
    cpe:2.3:a:symantec:norton_ghost:10.0:-:dell
  • cpe:2.3:a:symantec:norton_ghost:10.0:-:norton_system_works
    cpe:2.3:a:symantec:norton_ghost:10.0:-:norton_system_works
  • cpe:2.3:a:symantec:norton_ghost:10.01
    cpe:2.3:a:symantec:norton_ghost:10.01
  • cpe:2.3:a:symantec:norton_save_and_recovery:1.01:-:sony_euro
    cpe:2.3:a:symantec:norton_save_and_recovery:1.01:-:sony_euro
  • cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:-:norton_system_works_2007
    cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:-:norton_system_works_2007
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.0
    cpe:2.3:a:symantec:norton_save_and_recovery:11.0
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.01
    cpe:2.3:a:symantec:norton_save_and_recovery:11.01
  • cpe:2.3:a:symantec:norton_save_and_recovery:11.01b
    cpe:2.3:a:symantec:norton_save_and_recovery:11.01b
CVSS
Base: 7.2 (as of 01-05-2007 - 13:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
refmap via4
confirm http://www.symantec.com/avcenter/security/Content/2007.04.26.html
idefense 20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability
sectrack 1017971
secunia 25013
vupen ADV-2007-1552
xf symantec-backup-unspecified-bo(33931)
Last major update 07-03-2011 - 21:54
Published 30-04-2007 - 18:19
Last modified 28-07-2017 - 21:31
Back to Top