CVE-2006-4855

Symantec Client Security - Denial of Service via Invalid Data to \Device\SymEvent Driver

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4855. PoCs published by David Matousek.

AI-analyzed exploit summary The provided text describes a local denial-of-service vulnerability in multiple Symantec products due to malformed data sent to the 'SymEvent' driver. It references a security advisory and a link to a binary exploit but does not contain actual exploit code.

Description

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

Exploits (1)

exploitdb WRITEUP VERIFIED
by David Matousek · textdoswindows
https://www.exploit-db.com/exploits/28588

The provided text describes a local denial-of-service vulnerability in multiple Symantec products due to malformed data sent to the 'SymEvent' driver. It references a security advisory and a link to a binary exploit but does not contain actual exploit code.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Multiple Symantec products (specific versions not listed)
Auth required
Prerequisites: Local access to the target system · Authentication on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (16)

Core 16
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21938
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016892
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016893
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016895
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016889
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/446111/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016897
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1591
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016896
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20051
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3636
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28960
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016894
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016898

Scores

EPSS 0.0129
EPSS Percentile 66.5%

Details

CWE
CWE-399
Status published
Products (50)
symantec/client_security 1.0
symantec/client_security 1.0.0_b8.01.9378
symantec/client_security 1.0.1
symantec/client_security 1.0.1_build_8.01.425a mr1
symantec/client_security 1.0.1_build_8.01.429c mr2
symantec/client_security 1.0.1_build_8.01.434 mr3
symantec/client_security 1.0.1_build_8.01.437
symantec/client_security 1.0.1_build_8.01.446 mr4
symantec/client_security 1.0.1_build_8.01.457 mr5
symantec/client_security 1.0.1_build_8.01.460 mr6
... and 40 more
Published Sep 19, 2006
Tracked Since Feb 18, 2026