CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 0CVE-2006-3456
https://notcve.org/view.php?id=CVE-2006-3456
11 May 2007 — The Symantec NAVOPTS.DLL ActiveX control (aka Symantec.Norton.AntiVirus.NAVOptions) 12.2.0.13, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, is designed for use only in application-embedded web browsers, which allows remote attackers to "crash the control" via unspecified vectors related to content on a web site, and place Internet Explorer into a "defunct state" in which remote attackers can execute arbitrary code in addition to other Symantec ActiveX controls, regardless ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=529 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 2CVE-2007-1793 – Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1793
02 Apr 2007 — SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec... • https://www.exploit-db.com/exploits/29810 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 1CVE-2007-1476 – Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1476
16 Mar 2007 — The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855. El controlador de dispositivo SymTDI (SYMTDI.SYS) en Symantec Norton Personal Firewall 2006 versión ... • https://www.exploit-db.com/exploits/29743 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 40%CPEs: 6EXPL: 0CVE-2006-6490
https://notcve.org/view.php?id=CVE-2006-6490
22 Feb 2007 — Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. Múltiples desbordamiento de búfer en los controles ActiveX de SupportSoft (1) SmartIssue (tgctlsi.dll) y (2) ScriptRunner (tgctlsr.dll), tal y como se usan en Symantec Automated Support Assistant... • http://archives.neohapsis.com/archives/bugtraq/2007-02/0454.html •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6622
https://notcve.org/view.php?id=CVE-2006-6622
18 Dec 2006 — Soft4Ever Look 'n' Stop (LnS) 2.05p2 before 20061215 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. Soft4Ever Look 'n' Stop (LnS) 2.05p2 en versiones anteriores a 20061215 depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1CVE-2006-6619 – Multiple Vendor Firewall - HIPS Process Spoofing
https://notcve.org/view.php?id=CVE-2006-6619
18 Dec 2006 — AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. AVG Anti-Virus plus Firewall 7.5.431 depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (1) I... • https://www.exploit-db.com/exploits/29287 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6620
https://notcve.org/view.php?id=CVE-2006-6620
18 Dec 2006 — Comodo Personal Firewall 2.3.6.81 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. Comodo Personal Firewall 2.3.6.81 depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (1) ImagePa... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6623
https://notcve.org/view.php?id=CVE-2006-6623
18 Dec 2006 — Sygate Personal Firewall 5.6.2808 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. Sygate Personal Firewall 5.6.2808 depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (1) ImagePa... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6621
https://notcve.org/view.php?id=CVE-2006-6621
18 Dec 2006 — Filseclab Personal Firewall 3.0.0.8686 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. Filseclab Personal Firewall 3.0.0.8686 depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6618
https://notcve.org/view.php?id=CVE-2006-6618
18 Dec 2006 — AntiHook 3.0.0.23 - Desktop relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB. AntiHook 3.0.0.23 - El escritorio depende del Process Environment Block (PEB) para la identificación de un proceso, el cual permite a usuarios locales evitar los controles del producto en el proceso mediante la simulación de los campos (1) ImagePathName... • http://www.matousec.com/downloads/windows-personal-firewall-analysis/ex-coat.zip •