CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1495
https://notcve.org/view.php?id=CVE-2007-1495
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855. El controlador de dispositivo \Device\SymEvent del Symantec Norton Personal Firewall 2006 9.1.1.7 y,posiblemente otros productos que utilicen el symevent.sys 12.0.0.20, permite a usuarios locales provocar una denegación de servicio (caída del sistema) a través de un dato no válido, como lo demostrado llamando al DeviceIoControl para enviar un dato, una reproducción de la CVE-2006-4855. • http://securityreason.com/securityalert/2445 http://www.securityfocus.com/archive/1/462792/100/0/threaded http://www.securityfocus.com/bid/22961 •
CVSS: 1.9EPSS: 0%CPEs: 84EXPL: 1CVE-2007-1476 – Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1476
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855. El controlador de dispositivo SymTDI (SYMTDI.SYS) en Symantec Norton Personal Firewall 2006 versión 9.1.1.7 y anteriores, Internet Security 2005 y 2006, AntiVirus Corporate Edition versión 3.0.x hasta 10.1.x, y otros productos Norton, permiten a los usuarios locales causar una denegación de servicio (bloqueo de sistema) al enviar datos creados al archivo \Device del controlador, que activa un acceso a la memoria no válido, una vulnerabilidad diferente a la CVE-2006-4855. • https://www.exploit-db.com/exploits/29743 http://marc.info/?l=full-disclosure&m=117396596027148&w=2 http://osvdb.org/35088 http://securityreason.com/securityalert/2438 http://securitytracker.com/id?1018656 http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php http://www.securityfocus.com/archive/1/462926/100/0/threaded http://www.securityfocus.com/bid/22977 http://www.symantec.com/avcenter/security/Content/2007.09.05.html https:/ • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 101EXPL: 2CVE-2006-4855 – Symantec (Multiple Products) - 'SymEvent' Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-4855
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. El driver \Device\SymEvent en Symantec Norton Personal Firewall 2006 9.1.0.33, y otras versiones del Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, y 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0 y 10.1, Symantec pcAnywhere 11.5 y Symantec Host, permite a usuarios locales provocar una denegación de servicio (caída del sistema) vía una información inválida, como ha sido demostrado llamando a DeviceIoControl para enviar la información. • https://www.exploit-db.com/exploits/28588 http://secunia.com/advisories/21938 http://securityreason.com/securityalert/1591 http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html http://securitytracker.com/id?1016889 http://securitytracker.com/id?1016892 http://securitytracker.com/id?1016893 http://securitytracker.com/id?1016894 http://securitytracker.com/id? • CWE-399: Resource Management Errors •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2006-4266
https://notcve.org/view.php?id=CVE-2006-4266
Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this. Symantec Norton Personal Firewall 2006 9.1.0.33, y posiblemente anteriores, no protege adecuadamente las claves de registro de Norton, lo cual permite a usuarios locales proporcionar librerías a modo de troyanos a Norton mediante el uso de RegSaveKey y RegRestoreKey para modificar HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, como ha sido demostrado usando NISProd.dll. NOTA: en la mayoría de los casos, este ataque no cruzaría los límites de privilegios, porque la modificación de la clave SuiteOwners requiere privilegios de administración. • http://securityreason.com/securityalert/1428 http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php http://www.securityfocus.com/archive/1/443632/100/0/threaded http://www.securityfocus.com/bid/19585 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3725
https://notcve.org/view.php?id=CVE-2006-3725
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys. Norton Personal Firewall 2006 9.1.0.33 permite a usuarios locales provocar denegación de servicio (caida) a través de ciertas operaciones de RegSaveKey, RegRestoreKey y RegDeleteKey sobre las llaves del registro (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc y (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent • http://securityreason.com/securityalert/1241 http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php http://www.securityfocus.com/archive/1/440110/100/0/threaded http://www.securityfocus.com/bid/18995 https://exchange.xforce.ibmcloud.com/vulnerabilities/27764 •