CVE-2007-5829
https://notcve.org/view.php?id=CVE-2007-5829
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled. El escáner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos débiles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustitución de archivos no especificados, que se ejecutan cuando un usuario con acceso físico inserta un disco y la opción "Show Progress During Mount Scans" está habilitada. • http://osvdb.org/40864 http://secunia.com/advisories/27488 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html http://securitytracker.com/id?1018889 http://securitytracker.com/id?1018890 http://www.securityfocus.com/bid/26253 http://www.vupen.com/english/advisories/2007/3698 https://exchange.xforce.ibmcloud.com/vulnerabilities/38229 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-5047
https://notcve.org/view.php?id=CVE-2007-5047
Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. NOTE: the NtCreateMutant and NtOpenEvent function hooks are already covered by CVE-2007-1793. Norton Internet Security 2008 15.0.0.60 no valida de forma adecuada ciertos parámetros en los manejadores de la función System Service Descriptor Table (SSDT), el cual permite a usuarios locales provocar denegación de servicio (caida) y posiblemente ganar privilegios a través del secuestro de NtOpenSection kernel SSDT. NOTA: las funciones NtCreateMutant y NtOpenEvent están cubiertas por CVE-2007-1793. • http://osvdb.org/45897 http://securityreason.com/securityalert/3161 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus.com/archive/1/479830/100/0/threaded • CWE-20: Improper Input Validation •
CVE-2007-2955
https://notcve.org/view.php?id=CVE-2007-2955
Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA. Múltiples vulnerabilidades de "errores de validación de entrada" sin especificar en múltiples controles ActiveX en el NavComUI.dll, como el utilizado en el AntiVirus Norton, Internet Security y los productos System Works para 2006, permiten a atacantes remotos ejecutar código de su elección a través de (1) la propiedad AnomalyList del AxSysListView32 y (2) la propiedad Anomaly del AxSysListView32OAA. • http://secunia.com/advisories/25215 http://secunia.com/secunia_research/2007-53/advisory http://www.securityfocus.com/bid/24983 http://www.securitytracker.com/id?1018545 http://www.securitytracker.com/id?1018546 http://www.securitytracker.com/id?1018547 http://www.symantec.com/avcenter/security/Content/2007.08.09.html http://www.vupen.com/english/advisories/2007/2822 https://exchange.xforce.ibmcloud.com/vulnerabilities/35944 •
CVE-2007-3800
https://notcve.org/view.php?id=CVE-2007-3800
Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code. Vulnerabilidad no especificada en el componente Real-time scanner (RTVScan) en Symantec AntiVirus Corporate Edition 9.0 hasta la 10.1 y Client Security 2.0 hasta la 3.1, cuando la ventana Notification Message está activada, permite a usuarios locales ganar privilegios a través de código manipulado. • http://osvdb.org/36116 http://secunia.com/advisories/26054 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html http://www.securityfocus.com/bid/24810 http://www.vupen.com/english/advisories/2007/2506 https://exchange.xforce.ibmcloud.com/vulnerabilities/35352 •
CVE-2007-3771
https://notcve.org/view.php?id=CVE-2007-3771
Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message. NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error. Desbordamiento de búfer basado en pila en la característica Internet E-mail Auto-Protect de Symantec AntiVirus Corporate Edition anterior a 10.1, y Client Security anterior a 3.1, permite a usuarios locales provocar una denegación de servicio (caída del servicio) mediante cabeceras (1) To, (2) From, o (3) Subject largas en un mensaje de correo electrónico SMTP saliente. NOTA: la notificación original del fabricante hacía referencia a CVE-2006-3456, lo cual fue un error. • http://osvdb.org/36115 http://secunia.com/advisories/26036 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html http://securitytracker.com/id?1018367 http://securitytracker.com/id?1018371 http://www.securityfocus.com/bid/24802 http://www.vupen.com/english/advisories/2007/2506 https://exchange.xforce.ibmcloud.com/vulnerabilities/35354 •