cvelistv5 - CVE-2006-2630

CVE-2006-2630 (GCVE-0-2006-2630)

Vulnerability from cvelistv5

Published

2006-05-27 21:00

Modified

2024-08-07 17:58

Severity ?

CWE

Summary

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.

References

URL

Tags

cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
cve@mitre.org	http://secunia.com/advisories/20318	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016161	Patch
cve@mitre.org	http://securitytracker.com/id?1016162	Patch
cve@mitre.org	http://www.eeye.com/html/research/upcoming/20060524.html
cve@mitre.org	http://www.kb.cert.org/vuls/id/404910	Patch, US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/435200/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18107	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2005
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/26706
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20318	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016161	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016162	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.eeye.com/html/research/upcoming/20060524.html
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/404910	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/435200/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18107	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2005
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/26706

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:58:51.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-2005",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2005"
          },
          {
            "name": "EEYEB-20060524",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
          },
          {
            "name": "1016161",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016161"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
          },
          {
            "name": "1016162",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016162"
          },
          {
            "name": "20060527 Symantec antivirus software exposes computers",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
          },
          {
            "name": "symantec-antivirus-client-bo(26706)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
          },
          {
            "name": "VU#404910",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/404910"
          },
          {
            "name": "20318",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20318"
          },
          {
            "name": "18107",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18107"
          },
          {
            "name": "20060526 new symantec vuln",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-2005",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2005"
        },
        {
          "name": "EEYEB-20060524",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
        },
        {
          "name": "1016161",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016161"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
        },
        {
          "name": "1016162",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016162"
        },
        {
          "name": "20060527 Symantec antivirus software exposes computers",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
        },
        {
          "name": "symantec-antivirus-client-bo(26706)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
        },
        {
          "name": "VU#404910",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/404910"
        },
        {
          "name": "20318",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20318"
        },
        {
          "name": "18107",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18107"
        },
        {
          "name": "20060526 new symantec vuln",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2630",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-2005",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2005"
            },
            {
              "name": "EEYEB-20060524",
              "refsource": "EEYE",
              "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
            },
            {
              "name": "1016161",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016161"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
            },
            {
              "name": "1016162",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016162"
            },
            {
              "name": "20060527 Symantec antivirus software exposes computers",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
            },
            {
              "name": "symantec-antivirus-client-bo(26706)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
            },
            {
              "name": "VU#404910",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/404910"
            },
            {
              "name": "20318",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20318"
            },
            {
              "name": "18107",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18107"
            },
            {
              "name": "20060526 new symantec vuln",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-2630",
    "datePublished": "2006-05-27T21:00:00",
    "dateReserved": "2006-05-27T00:00:00",
    "dateUpdated": "2024-08-07T17:58:51.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-2630\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-05-27T21:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en Symantec Antivirus 10.1 y Client Security 3.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n vectores de ataque desconocidos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"844A6963-F60C-4D48-8445-9056C99201D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EBD7767-C352-435B-8963-83F723FFD302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D24019B-20F0-4B4D-86A5-9409698E6216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6090F86-0B42-403F-9996-9B7670EBAA5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF555313-BB5A-4D8A-A3A1-609ABC39F6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"CAC5389A-8B18-40C4-A3E0-E50B6AA724FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"6A220194-CCB1-41F6-9CB0-A79C2E5E36FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4D3CBEF5-25C6-41E8-97A3-2AA43134E619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"81AE594C-41ED-4FE8-839D-B604AE8DC901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"423C4F6C-4D87-4604-9122-02E2F06FAFB7\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20318\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016161\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1016162\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.eeye.com/html/research/upcoming/20060524.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/404910\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/435200/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18107\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2005\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/26706\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016161\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1016162\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.eeye.com/html/research/upcoming/20060524.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/404910\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/435200/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/26706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2006-AVI-221

Vulnerability from certfr_avis

Une vulnérabilité a été identifiée dans certaines versions des produits Symantec AntiVirus Corporate Edition et Symantec Client Security. Un utilisateur malveillant distant peut profiter de celle-ci pour perturber le système hébergeant le service Symantec ou y exécuter des commandes arbitraires.

Description

Une vulnérabilité de type débordement de pile (ou stack overflow) a été identifiée dans certaines versions des produits Symantec AntiVirus Corporate Edition et Symantec Client Security. Une pile est une structure logique destinée à contenir des données. Cette vulnérabilité se situe au niveau de la console de gestion distante, qui est généralement activée en écoute par défaut sur le port TCP 2967. Elle ne vérifie pas correctement les données de certaines requêtes envoyées à Rtvscan.exe. Un utilisateur malveillant distant peut profiter de cette vulnérabilité pour perturber le système hébergeant le service Symantec ou y exécuter des commandes arbitraires.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	la version 10.1 de Symantec AntiVirus Corporate Edition pour Microsoft Windows ;
Symantec	N/A	la version 3.1 de Symantec Security Client pour Microsoft Windows.
Symantec	N/A	La version 10.0 de Symantec AntiVirus Corporate Edition pour Microsoft Windows ;
Symantec	N/A	la version 3.0 de Symantec Security Client pour Microsoft Windows ;

References

Title

Publication Time

ghsa-33qj-7hm4-jp7v

Vulnerability from github

Published

2022-05-01 07:00

Modified

2022-05-01 07:00

Details

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-2630"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-05-27T21:02:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.",
  "id": "GHSA-33qj-7hm4-jp7v",
  "modified": "2022-05-01T07:00:52Z",
  "published": "2022-05-01T07:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-2630"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
    },
    {
      "type": "WEB",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20318"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016161"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016162"
    },
    {
      "type": "WEB",
      "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/404910"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18107"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2005"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2006-2630

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.

Aliases

CVE-2006-2630

Aliases

CVE-2006-2630

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-2630",
    "description": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.",
    "id": "GSD-2006-2630",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2006-2630"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-2630"
      ],
      "details": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.",
      "id": "GSD-2006-2630",
      "modified": "2023-12-13T01:19:52.508668Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-2630",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2006-2005",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2005"
          },
          {
            "name": "EEYEB-20060524",
            "refsource": "EEYE",
            "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
          },
          {
            "name": "1016161",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016161"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
          },
          {
            "name": "1016162",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016162"
          },
          {
            "name": "20060527 Symantec antivirus software exposes computers",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
          },
          {
            "name": "symantec-antivirus-client-bo(26706)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
          },
          {
            "name": "VU#404910",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/404910"
          },
          {
            "name": "20318",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20318"
          },
          {
            "name": "18107",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18107"
          },
          {
            "name": "20060526 new symantec vuln",
            "refsource": "FULLDISC",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2630"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "EEYEB-20060524",
              "refsource": "EEYE",
              "tags": [],
              "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
            },
            {
              "name": "18107",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/18107"
            },
            {
              "name": "1016161",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1016161"
            },
            {
              "name": "1016162",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1016162"
            },
            {
              "name": "VU#404910",
              "refsource": "CERT-VN",
              "tags": [
                "Patch",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/404910"
            },
            {
              "name": "20318",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/20318"
            },
            {
              "name": "20060526 new symantec vuln",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
            },
            {
              "name": "ADV-2006-2005",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2005"
            },
            {
              "name": "symantec-antivirus-client-bo(26706)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
            },
            {
              "name": "20060527 Symantec antivirus software exposes computers",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-18T16:40Z",
      "publishedDate": "2006-05-27T21:02Z"
    }
  }
}

var-200605-0399

Vulnerability from variot

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. Symantec products are vulnerable to a stack-based buffer overflow. Symantec AntiVirus Corporate Edition 10.1 and Symantec Client Security 3.1 are currently known to be vulnerable to this issue. All supported platforms are affected including Microsoft Windows and Novell Netware. Symantec AntiVirus is a very popular antivirus solution. The remote management protocol used by the affected products for communication is a proprietary message-based protocol with two levels of encapsulation. The outer layer consists of message headers, which may be message type 10, which means requesting Rtvscan.exe, or type 20 or 30, which means forwarding SSL negotiation. If SSL is created for a TCP connection, subsequent communication is encrypted, although there is still plaintext in the private format. The data of the type 10 message contains its own header and message body, both of which are processed by Rtvscan.exe. There is a command field in this header, which specifies the operation to be performed and the format of the message body data. COM_FORWARD_LOG (0x24) The command handler does not use strncat correctly, allowing to overwrite the 0x180 byte stack buffer with arbitrary data. If the first string in the COM_FORWARD_LOG request contains a backslash, one of two strncat calls is performed: * If the string contains commas but no double quotes: strncat(dest, src, 0x17A - strlen(src )); * Otherwise: strncat(dest, src, 0x17C - strlen(src)); If the length of the source string exceeds 0x17A or 0x17C characters respectively, the arithmetic will underflow, resulting in a large memory copy size. This might allow appending this source string to the buffer, overwriting the stack with 64KB of data (null characters excluded). Rtvscan.exe is compiled with the Visual Studio /GS security option and includes stack canary checks. But an attacker can bypass this security measure by overriding and controlling the exception handler registration.

SOLUTION: Apply patches (see patch matrix in vendor advisory).

PROVIDED AND/OR DISCOVERED BY: eEye Digital Security

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html

eEye Digital Security: http://www.eeye.com/html/research/upcoming/20060524.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200605-0399",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1.394"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1.400"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.0.2.2020"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.0.2.2010"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0.2.2020"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0.2.2021"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0.2.2010"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.1.400"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.446"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2010"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.401"
      },
      {
        "model": "client security mr7 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.464"
      },
      {
        "model": "client security mr4 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.446"
      },
      {
        "model": "antivirus corporate edition 1.425a/b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.01.9378"
      },
      {
        "model": "client security b8.01.9374",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.394"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.434"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.396"
      },
      {
        "model": "client security mr5 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.457"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1.377"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1.366"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2001"
      },
      {
        "model": "antivirus corporate edition build 8.1.1.314a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1"
      },
      {
        "model": "client security mr6 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.460"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.400"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "client security mr3 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.434"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.3.1000"
      },
      {
        "model": "client security b8.01.9378",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.0"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.323"
      },
      {
        "model": "client security mr3 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.323"
      },
      {
        "model": "client security mr2 b9.0.2.1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.2"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.401"
      },
      {
        "model": "client security mr1 b8.01.425a/b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.2.1000"
      },
      {
        "model": "client security (scf",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.07.1)"
      },
      {
        "model": "client security stm build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.09.0.0.338"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.01.501"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2002"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.460"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.329"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2011"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2020"
      },
      {
        "model": "client security mr4 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.329"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2021"
      },
      {
        "model": "client security mr2 b8.01.429c",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "antivirus corporate edition .0.825a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1"
      },
      {
        "model": "client security mr3 b9.0.3.1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.3"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.319"
      },
      {
        "model": "client security mr5 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.336"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1"
      },
      {
        "model": "client security mr9 b8.01.501",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2002"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.01.9374"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.396"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.437"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.457"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.0.338"
      },
      {
        "model": "client security mr2 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.319"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "client security mr1 build 8.1.1.314a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.464"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2001"
      },
      {
        "model": "client security mr8 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.471"
      },
      {
        "model": "client security mr1 b9.0.1.1000",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "client security build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.437"
      },
      {
        "model": "antivirus corporate edition 1.429c",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.1.1.1000"
      },
      {
        "model": "client security mr6 b8.1.1.266",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2011"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.4"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.01"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2021"
      },
      {
        "model": "client security stm b8.1.0.825a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.471"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "BID",
        "id": "18107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "eEye info@eEye.com Derek Soeder dsoeder@eeye.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-2630",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2006-2630",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-18738",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-2630",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#404910",
            "trust": 0.8,
            "value": "24.30"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200605-498",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-18738",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. Symantec products are vulnerable to a stack-based buffer overflow. \nSymantec AntiVirus Corporate Edition 10.1 and Symantec Client Security 3.1 are currently known to be vulnerable to this issue. All supported platforms are affected including Microsoft Windows and Novell Netware. Symantec AntiVirus is a very popular antivirus solution. The remote management protocol used by the affected products for communication is a proprietary message-based protocol with two levels of encapsulation. The outer layer consists of message headers, which may be message type 10, which means requesting Rtvscan.exe, or type 20 or 30, which means forwarding SSL negotiation. If SSL is created for a TCP connection, subsequent communication is encrypted, although there is still plaintext in the private format. The data of the type 10 message contains its own header and message body, both of which are processed by Rtvscan.exe. There is a command field in this header, which specifies the operation to be performed and the format of the message body data. COM_FORWARD_LOG (0x24) The command handler does not use strncat correctly, allowing to overwrite the 0x180 byte stack buffer with arbitrary data. If the first string in the COM_FORWARD_LOG request contains a backslash, one of two strncat calls is performed: * If the string contains commas but no double quotes: strncat(dest, src, 0x17A - strlen(src )); * Otherwise: strncat(dest, src, 0x17C - strlen(src)); If the length of the source string exceeds 0x17A or 0x17C characters respectively, the arithmetic will underflow, resulting in a large memory copy size. This might allow appending this source string to the buffer, overwriting the stack with 64KB of data (null characters excluded). Rtvscan.exe is compiled with the Visual Studio /GS security option and includes stack canary checks. But an attacker can bypass this security measure by overriding and controlling the exception handler registration. \n\nSOLUTION:\nApply patches (see patch matrix in vendor advisory). \n\nPROVIDED AND/OR DISCOVERED BY:\neEye Digital Security\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html\n\neEye Digital Security:\nhttp://www.eeye.com/html/research/upcoming/20060524.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      },
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "BID",
        "id": "18107"
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "db": "PACKETSTORM",
        "id": "46794"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-18738",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "18107",
        "trust": 2.8
      },
      {
        "db": "SECTRACK",
        "id": "1016162",
        "trust": 2.5
      },
      {
        "db": "CERT/CC",
        "id": "VU#404910",
        "trust": 2.5
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "20318",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1016161",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2005",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "26706",
        "trust": 0.6
      },
      {
        "db": "EEYE",
        "id": "EEYEB-20060524",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060527 SYMANTEC ANTIVIRUS SOFTWARE EXPOSES COMPUTERS",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20060526 NEW SYMANTEC VULN",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "83223",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "16830",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-88855",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-71332",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "46794",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "db": "BID",
        "id": "18107"
      },
      {
        "db": "PACKETSTORM",
        "id": "46794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "id": "VAR-200605-0399",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:40:03.187000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
      },
      {
        "trust": 2.1,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2006.05.25.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/18107"
      },
      {
        "trust": 1.7,
        "url": "http://www.kb.cert.org/vuls/id/404910"
      },
      {
        "trust": 1.7,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-may/046355.html"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016161"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016162"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/20318"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/2005"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
      },
      {
        "trust": 0.8,
        "url": "http://www.eeye.com/html/research/advisories/ad20060612.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.symantec.com/avcenter/security/content/2006.05.25.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/18107/"
      },
      {
        "trust": 0.8,
        "url": "http://securitytracker.com/alerts/2006/may/1016162.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/2005"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/435200/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/26706"
      },
      {
        "trust": 0.3,
        "url": "https://www.immunityinc.com/downloads/immpartners/symantec_rm.tar"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/products/enterprise?c=prodinfo\u0026refid=805"
      },
      {
        "trust": 0.3,
        "url": "http://securityresponse.symantec.com/avcenter/security/symantecadvisories.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-112810-5302-99\u0026tabid=1"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-122314-5625-99\u0026tabid=2"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/436860"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6649/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/20318/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5555/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "db": "BID",
        "id": "18107"
      },
      {
        "db": "PACKETSTORM",
        "id": "46794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "db": "BID",
        "id": "18107"
      },
      {
        "db": "PACKETSTORM",
        "id": "46794"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-05-30T00:00:00",
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "date": "2006-05-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "date": "2006-05-24T00:00:00",
        "db": "BID",
        "id": "18107"
      },
      {
        "date": "2006-05-29T22:46:46",
        "db": "PACKETSTORM",
        "id": "46794"
      },
      {
        "date": "2006-05-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "date": "2006-05-27T21:02:00",
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-06-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#404910"
      },
      {
        "date": "2018-10-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-18738"
      },
      {
        "date": "2007-11-01T16:26:00",
        "db": "BID",
        "id": "18107"
      },
      {
        "date": "2007-02-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      },
      {
        "date": "2024-11-21T00:11:42.110000",
        "db": "NVD",
        "id": "CVE-2006-2630"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec products vulnerable to buffer overflow",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#404910"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200605-498"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2006-2630

Vulnerability from fkie_nvd

Published

2006-05-27 21:02

Modified

2025-04-03 01:03

Severity ?

Summary

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.

References

URL	Tags
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
cve@mitre.org	http://secunia.com/advisories/20318	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016161	Patch
cve@mitre.org	http://securitytracker.com/id?1016162	Patch
cve@mitre.org	http://www.eeye.com/html/research/upcoming/20060524.html
cve@mitre.org	http://www.kb.cert.org/vuls/id/404910	Patch, US Government Resource
cve@mitre.org	http://www.securityfocus.com/archive/1/435200/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18107	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2005
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/26706
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20318	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016161	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016162	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.eeye.com/html/research/upcoming/20060524.html
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/404910	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/435200/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18107	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2005
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/26706

Impacted products

Vendor	Product	Version
symantec	client_security	3.0
symantec	client_security	3.0.2.2010
symantec	client_security	3.0.2.2020
symantec	client_security	3.1
symantec	client_security	3.1.394
symantec	client_security	3.1.400
symantec	norton_antivirus	10.0
symantec	norton_antivirus	10.0.2.2010
symantec	norton_antivirus	10.0.2.2020
symantec	norton_antivirus	10.0.2.2021
symantec	norton_antivirus	10.1
symantec	norton_antivirus	10.1.400

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "423C4F6C-4D87-4604-9122-02E2F06FAFB7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en Symantec Antivirus 10.1 y Client Security 3.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2006-2630",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-05-27T21:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20318"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016161"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/404910"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18107"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2005"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.eeye.com/html/research/upcoming/20060524.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/404910"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/435200/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26706"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-2630 (GCVE-0-2006-2630)

Vulnerability from cvelistv5

CERTA-2006-AVI-221

Vulnerability from certfr_avis

Description

Solution

ghsa-33qj-7hm4-jp7v

Vulnerability from github

gsd-2006-2630

Vulnerability from gsd

var-200605-0399

Vulnerability from variot

fkie_cve-2006-2630

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature