CVE-2007-1793

Symantec Norton Personal Firewall 9.1.0.33/9.1.1.7 DoS via NtCreateMutant/NtOpenEvent

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1793. PoCs published by David Matousek.

AI-analyzed exploit summary This exploit demonstrates a local denial-of-service vulnerability in Symantec products by supplying invalid arguments to the 'SPBBCDrv.sys' driver. It targets specific functions like 'NtCreateMutant' and 'NtOpenEvent' to crash the system due to insufficient argument validation.

Description

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

Exploits (1)

exploitdb WORKING POC VERIFIED
by David Matousek · cdoswindows
https://www.exploit-db.com/exploits/29810

This exploit demonstrates a local denial-of-service vulnerability in Symantec products by supplying invalid arguments to the 'SPBBCDrv.sys' driver. It targets specific functions like 'NtCreateMutant' and 'NtOpenEvent' to crash the system due to insufficient argument validation.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Symantec products with SPBBCDrv.sys driver
No auth needed
Prerequisites: Local access to the system · Presence of vulnerable Symantec driver
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1192
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/464456/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021386
Patch vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017837
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23241
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021388
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021389
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/34692
Patch vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017838
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021387
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24677
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/479830/100/0/threaded

Scores

EPSS 0.0172
EPSS Percentile 74.5%

Details

CWE
CWE-20
Status published
Products (50)
symantec/antivirus 10.0
symantec/antivirus 10.0.1
symantec/antivirus 10.0.1.1
symantec/antivirus 10.0.2
symantec/antivirus 10.0.2.1
symantec/antivirus 10.0.2.2
symantec/antivirus 10.0.3
symantec/antivirus 10.0.4
symantec/antivirus 10.0.5
symantec/antivirus 10.0.6
... and 40 more
Published Apr 02, 2007
Tracked Since Feb 18, 2026