CVE-2007-1793

Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service

Severity Score

4.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la función SSDT enlazada, lo que permite a los usuarios locales causar una denegación de servicio (bloqueo) o posiblemente ejecutar código arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: más tarde se informó que Norton Internet Security 2008 versión 15.0.0.60, y posiblemente otras versiones de 2006, también se ven afectados.

*Credits: N/A

CVSS Scores

NISTv2 4.9

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-04-01 First Exploit
2007-04-02 CVE Reserved
2007-04-02 CVE Published
2024-05-28 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (18)

URL	Tag	Source
http://osvdb.org/34692	Vdb Entry
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html	X_refsource_confirm
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php	X_refsource_misc
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php	X_refsource_misc
http://www.securityfocus.com/archive/1/464456/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/479830/100/0/threaded	Mailing List
http://www.securitytracker.com/id?1021386	Vdb Entry
http://www.securitytracker.com/id?1021387	Vdb Entry
http://www.securitytracker.com/id?1021388	Vdb Entry
http://www.securitytracker.com/id?1021389	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/29810	2007-04-01
http://www.securityfocus.com/bid/23241	2024-08-07

URL	Date	SRC
http://www.securitytracker.com/id?1017837	2018-10-16
http://www.securitytracker.com/id?1017838	2018-10-16

URL	Date	SRC
http://secunia.com/advisories/24677	2018-10-16
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php	2018-10-16
http://www.vupen.com/english/advisories/2007/1192	2018-10-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0 Search vendor "Symantec" for product "Antivirus" and version "10.0"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.1 Search vendor "Symantec" for product "Antivirus" and version "10.0.1"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.1.1 Search vendor "Symantec" for product "Antivirus" and version "10.0.1.1"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.2 Search vendor "Symantec" for product "Antivirus" and version "10.0.2"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.2.1 Search vendor "Symantec" for product "Antivirus" and version "10.0.2.1"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.2.2 Search vendor "Symantec" for product "Antivirus" and version "10.0.2.2"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.3 Search vendor "Symantec" for product "Antivirus" and version "10.0.3"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.4 Search vendor "Symantec" for product "Antivirus" and version "10.0.4"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.5 Search vendor "Symantec" for product "Antivirus" and version "10.0.5"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.6 Search vendor "Symantec" for product "Antivirus" and version "10.0.6"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.7 Search vendor "Symantec" for product "Antivirus" and version "10.0.7"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.8 Search vendor "Symantec" for product "Antivirus" and version "10.0.8"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				10.0.9 Search vendor "Symantec" for product "Antivirus" and version "10.0.9"		corporate		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0 Search vendor "Symantec" for product "Client Security" and version "3.0"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.0.359 Search vendor "Symantec" for product "Client Security" and version "3.0.0.359"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.1.1000 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1000"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.1.1001 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1001"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.1.1007 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1007"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.1.1008 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1008"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.1.1009 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1009"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2 Search vendor "Symantec" for product "Client Security" and version "3.0.2"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2000 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2000"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2001 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2001"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2002 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2002"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2010 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2010"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2011 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2011"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2020 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2020"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.0.2.2021 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2021"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1 Search vendor "Symantec" for product "Client Security" and version "3.1"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.0.396 Search vendor "Symantec" for product "Client Security" and version "3.1.0.396"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.0.401 Search vendor "Symantec" for product "Client Security" and version "3.1.0.401"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.394 Search vendor "Symantec" for product "Client Security" and version "3.1.394"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.396 Search vendor "Symantec" for product "Client Security" and version "3.1.396"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.400 Search vendor "Symantec" for product "Client Security" and version "3.1.400"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				3.1.401 Search vendor "Symantec" for product "Client Security" and version "3.1.401"		-		Affected
Symantec Search vendor "Symantec"		Norton 360 Search vendor "Symantec" for product "Norton 360"				1.0 Search vendor "Symantec" for product "Norton 360" and version "1.0"		-		Affected
Symantec Search vendor "Symantec"		Norton Antispam Search vendor "Symantec" for product "Norton Antispam"				2004 Search vendor "Symantec" for product "Norton Antispam" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton Antispam Search vendor "Symantec" for product "Norton Antispam"				2005 Search vendor "Symantec" for product "Norton Antispam" and version "2005"		-		Affected
Symantec Search vendor "Symantec"		Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus"				2004 Search vendor "Symantec" for product "Norton Antivirus" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus"				2005 Search vendor "Symantec" for product "Norton Antivirus" and version "2005"		-		Affected
Symantec Search vendor "Symantec"		Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus"				2006 Search vendor "Symantec" for product "Norton Antivirus" and version "2006"		-		Affected
Symantec Search vendor "Symantec"		Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus"				2007 Search vendor "Symantec" for product "Norton Antivirus" and version "2007"		-		Affected
Symantec Search vendor "Symantec"		Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus"				2008 Search vendor "Symantec" for product "Norton Antivirus" and version "2008"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2004 Search vendor "Symantec" for product "Norton Internet Security" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2005 Search vendor "Symantec" for product "Norton Internet Security" and version "2005"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2006 Search vendor "Symantec" for product "Norton Internet Security" and version "2006"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2007 Search vendor "Symantec" for product "Norton Internet Security" and version "2007"		-		Affected
Symantec Search vendor "Symantec"		Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security"				2008 Search vendor "Symantec" for product "Norton Internet Security" and version "2008"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2004 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2005 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2005"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2006 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2006"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2006_9.1.0.33 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2006_9.1.0.33"		-		Affected
Symantec Search vendor "Symantec"		Norton Personal Firewall Search vendor "Symantec" for product "Norton Personal Firewall"				2006_9.1.1.7 Search vendor "Symantec" for product "Norton Personal Firewall" and version "2006_9.1.1.7"		-		Affected
Symantec Search vendor "Symantec"		Norton System Works Search vendor "Symantec" for product "Norton System Works"				2004 Search vendor "Symantec" for product "Norton System Works" and version "2004"		-		Affected
Symantec Search vendor "Symantec"		Norton System Works Search vendor "Symantec" for product "Norton System Works"				2005 Search vendor "Symantec" for product "Norton System Works" and version "2005"		-		Affected
Symantec Search vendor "Symantec"		Norton System Works Search vendor "Symantec" for product "Norton System Works"				2006 Search vendor "Symantec" for product "Norton System Works" and version "2006"		-		Affected