David Matousek

6 exploits Active since Jul 2006
CVE-2007-1476 EXPLOITDB text WRITEUP
Symantec Client Security - Denial of Service via SymTDI Driver Input Buffer
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.
CVE-2007-1793 EXPLOITDB c WORKING POC
Symantec Norton Personal Firewall 9.1.0.33/9.1.1.7 DoS via NtCreateMutant/NtOpenEvent
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
CVE-2006-4855 EXPLOITDB text WRITEUP
Symantec Client Security - Denial of Service via Invalid Data to \Device\SymEvent Driver
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
EIP-2026-115826 EXPLOITDB text WRITEUP
Microsoft Windows XP/2000 - Registry Access Local Denial of Service
CVE-2006-4541 EXPLOITDB text WRITEUP
BlackICE PC Protection < 3.6 - Denial of Service via NtOpenSection API
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected.
CVE-2006-3787 EXPLOITDB text WRITEUP
Kerio Personal Firewall < 4.3.268 - Denial of Service via CreateRemoteThread API Hook Bypass
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.