CVE-2006-4855

Symantec - DoS

Title source: llm

Description

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

Exploits (1)

exploitdb WRITEUP VERIFIED

by David Matousek · textdoswindows

https://www.exploit-db.com/exploits/28588

View Code ZIP pw:eip

References (16)

Core 16

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/21938

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016892

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016893

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016895

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016889

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/446111/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016897

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/1591

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016896

Vendor Advisory x_refsource_misc

http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/20051

Various Sources x_refsource_confirm

http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/3636

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/28960

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016894

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016898

Scores

EPSS 0.0028

EPSS Percentile 51.3%

Details

CWE

CWE-399

Status published

Products (50)

symantec/client_security 1.0

symantec/client_security 1.0.0_b8.01.9378

symantec/client_security 1.0.1

symantec/client_security 1.0.1_build_8.01.425a mr1

symantec/client_security 1.0.1_build_8.01.429c mr2

symantec/client_security 1.0.1_build_8.01.434 mr3

symantec/client_security 1.0.1_build_8.01.437

symantec/client_security 1.0.1_build_8.01.446 mr4

symantec/client_security 1.0.1_build_8.01.457 mr5

symantec/client_security 1.0.1_build_8.01.460 mr6

... and 40 more

Published Sep 19, 2006

Tracked Since Feb 18, 2026