CVE-2007-5829
https://notcve.org/view.php?id=CVE-2007-5829
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled. El escáner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos débiles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustitución de archivos no especificados, que se ejecutan cuando un usuario con acceso físico inserta un disco y la opción "Show Progress During Mount Scans" está habilitada. • http://osvdb.org/40864 http://secunia.com/advisories/27488 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html http://securitytracker.com/id?1018889 http://securitytracker.com/id?1018890 http://www.securityfocus.com/bid/26253 http://www.vupen.com/english/advisories/2007/3698 https://exchange.xforce.ibmcloud.com/vulnerabilities/38229 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-5047
https://notcve.org/view.php?id=CVE-2007-5047
Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. NOTE: the NtCreateMutant and NtOpenEvent function hooks are already covered by CVE-2007-1793. Norton Internet Security 2008 15.0.0.60 no valida de forma adecuada ciertos parámetros en los manejadores de la función System Service Descriptor Table (SSDT), el cual permite a usuarios locales provocar denegación de servicio (caida) y posiblemente ganar privilegios a través del secuestro de NtOpenSection kernel SSDT. NOTA: las funciones NtCreateMutant y NtOpenEvent están cubiertas por CVE-2007-1793. • http://osvdb.org/45897 http://securityreason.com/securityalert/3161 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus.com/archive/1/479830/100/0/threaded • CWE-20: Improper Input Validation •
CVE-2007-2955
https://notcve.org/view.php?id=CVE-2007-2955
Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA. Múltiples vulnerabilidades de "errores de validación de entrada" sin especificar en múltiples controles ActiveX en el NavComUI.dll, como el utilizado en el AntiVirus Norton, Internet Security y los productos System Works para 2006, permiten a atacantes remotos ejecutar código de su elección a través de (1) la propiedad AnomalyList del AxSysListView32 y (2) la propiedad Anomaly del AxSysListView32OAA. • http://secunia.com/advisories/25215 http://secunia.com/secunia_research/2007-53/advisory http://www.securityfocus.com/bid/24983 http://www.securitytracker.com/id?1018545 http://www.securitytracker.com/id?1018546 http://www.securitytracker.com/id?1018547 http://www.symantec.com/avcenter/security/Content/2007.08.09.html http://www.vupen.com/english/advisories/2007/2822 https://exchange.xforce.ibmcloud.com/vulnerabilities/35944 •
CVE-2007-3673 – Symantec AntiVirus - 'symtdi.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-3673
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite. Symantec symtdi.sys versiones anteriores a 7.0.0, tal y como se distribuye en Symantec AntiVirus Corporate Edition 9 hata 10.1 y Client Security 2.0 hasta 3.1, Norton AntiSpam 2005, y Norton AntiVirus, Internet Security, Personal Firewall, y System Works 2005 y 2006; permite a usuarios locales obtener privilegios mediante un Interrupt Request Packet (Irp) manipulado en una petición IOCTL 0x83022323 a \\symTDI\, que resulta en una sobre-escritura de memoria. • https://www.exploit-db.com/exploits/4178 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554 http://osvdb.org/36117 http://secunia.com/advisories/26042 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html http://securitytracker.com/id?1018372 http://www.securityfocus.com/bid/22351 http://www.vupen.com/english/advisories/2007/2507 https://exchange.xforce.ibmcloud.com/vulnerabilities/35347 •
CVE-2007-0447 – Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0447
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. Desbordamiento de búfer basado en pila en el componente Decomposer en múltiples producto Symantec que permiten a atacantes remotos ejecutar código de su elección a través de archivos .CAB manipulados. This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption. • http://osvdb.org/36118 http://secunia.com/advisories/26053 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html http://www.securityfocus.com/bid/24282 http://www.vupen.com/english/advisories/2007/2508 http://www.zerodayinitiative.com/advisories/ZDI-07-040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •