Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-3455

Опубликовано: 23 окт. 2006
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*

EPSS

Процентиль: 23%
0.00076
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-726x-q3rw-h4cp

github
почти 4 года назад

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

EPSS

Процентиль: 23%
0.00076
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other