Описание
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3455
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29762
- http://secunia.com/advisories/22536
- http://securitytracker.com/id?1017108
- http://securitytracker.com/id?1017109
- http://www.securityfocus.com/archive/1/449524/100/0/threaded
- http://www.securityfocus.com/bid/20684
- http://www.symantec.com/avcenter/security/Content/2006.10.23.html
- http://www.vupen.com/english/advisories/2006/4157
EPSS
CVE ID
Связанные уязвимости
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
EPSS