Page 3 of 20 results (0.004 seconds)

CVSS: 4.9EPSS: 0%CPEs: 56EXPL: 2

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la función SSDT enlazada, lo que permite a los usuarios locales causar una denegación de servicio (bloqueo) o posiblemente ejecutar código arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: más tarde se informó que Norton Internet Security 2008 versión 15.0.0.60, y posiblemente otras versiones de 2006, también se ven afectados. • https://www.exploit-db.com/exploits/29810 http://osvdb.org/34692 http://secunia.com/advisories/24677 http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus. • CWE-20: Improper Input Validation •

CVSS: 1.9EPSS: 0%CPEs: 84EXPL: 1

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855. El controlador de dispositivo SymTDI (SYMTDI.SYS) en Symantec Norton Personal Firewall 2006 versión 9.1.1.7 y anteriores, Internet Security 2005 y 2006, AntiVirus Corporate Edition versión 3.0.x hasta 10.1.x, y otros productos Norton, permiten a los usuarios locales causar una denegación de servicio (bloqueo de sistema) al enviar datos creados al archivo \Device del controlador, que activa un acceso a la memoria no válido, una vulnerabilidad diferente a la CVE-2006-4855. • https://www.exploit-db.com/exploits/29743 http://marc.info/?l=full-disclosure&m=117396596027148&w=2 http://osvdb.org/35088 http://securityreason.com/securityalert/2438 http://securitytracker.com/id?1018656 http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php http://www.securityfocus.com/archive/1/462926/100/0/threaded http://www.securityfocus.com/bid/22977 http://www.symantec.com/avcenter/security/Content/2007.09.05.html https:/ • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 101EXPL: 2

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. El driver \Device\SymEvent en Symantec Norton Personal Firewall 2006 9.1.0.33, y otras versiones del Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, y 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0 y 10.1, Symantec pcAnywhere 11.5 y Symantec Host, permite a usuarios locales provocar una denegación de servicio (caída del sistema) vía una información inválida, como ha sido demostrado llamando a DeviceIoControl para enviar la información. • https://www.exploit-db.com/exploits/28588 http://secunia.com/advisories/21938 http://securityreason.com/securityalert/1591 http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html http://securitytracker.com/id?1016889 http://securitytracker.com/id?1016892 http://securitytracker.com/id?1016893 http://securitytracker.com/id?1016894 http://securitytracker.com/id? • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 97%CPEs: 12EXPL: 1

Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. Desbordamiento de búfer basado en pila en Symantec Antivirus 10.1 y Client Security 3.1 permite a atacantes remotos ejecutar código de su elección vectores de ataque desconocidos. • https://www.exploit-db.com/exploits/16830 http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html http://secunia.com/advisories/20318 http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html http://securitytracker.com/id?1016161 http://securitytracker.com/id?1016162 http://www.eeye.com/html/research/upcoming/20060524.html http://www.kb.cert.org/vuls/id/404910 http://www.securityfocus.com/archive/1/435200/100/0/threaded http://www.secur •

CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0

Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. • http://secunia.com/advisories/19682 http://securityreason.com/securityalert/100 http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html http://securitytracker.com/id?1015953 http://www.securityfocus.com/archive/1/431318/100/0/threaded http://www.securityfocus.com/bid/17571 http://www.vupen.com/english/advisories/2006/1386 https://exchange.xforce.ibmcloud.com/vulnerabilities/25839 •