CVE-2006-4927
Symantec AntiVirus <20061.3.0.12 - Privilege Escalation
Title source: llmDescription
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Ruben Santamarta · clocalwindows
https://www.exploit-db.com/exploits/28764
exploitdb
WORKING POC
VERIFIED
by Ruben Santamarta · clocalwindows
https://www.exploit-db.com/exploits/28763
References (18)
Scores
EPSS
0.0039
EPSS Percentile
59.8%
Details
Status
published
Products (2)
symantec/naveng_driver
symantec/navex15_driver
Published
Oct 10, 2006
Tracked Since
Feb 18, 2026