fkie_cve-2006-3455
Vulnerability from fkie_nvd
Published
2006-10-23 20:07
Modified
2025-04-09 00:30
Severity ?
Summary
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
References
cve@mitre.orghttp://secunia.com/advisories/22536
cve@mitre.orghttp://securitytracker.com/id?1017108
cve@mitre.orghttp://securitytracker.com/id?1017109
cve@mitre.orghttp://www.securityfocus.com/archive/1/449524/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/20684
cve@mitre.orghttp://www.symantec.com/avcenter/security/Content/2006.10.23.htmlPatch
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/4157
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/29762
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22536
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017108
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017109
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449524/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/20684
af854a3a-2127-422b-91ae-364da2661108http://www.symantec.com/avcenter/security/Content/2006.10.23.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4157
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/29762
Impacted products
Vendor Product Version
symantec client_security 1.1
symantec client_security 1.1.1
symantec client_security 1.1.1_build_393
symantec client_security 1.1.1_mr1_build_8.1.1.314a
symantec client_security 1.1.1_mr2_build_8.1.1.319
symantec client_security 1.1.1_mr3_build_8.1.1.323
symantec client_security 1.1.1_mr4_build_8.1.1.329
symantec client_security 1.1.1_mr5_build_8.1.1.336
symantec client_security 1.1.1_mr6_b8.1.1.266
symantec client_security 1.1_stm_b8.1.0.825a
symantec client_security 2.0
symantec client_security 2.0.1
symantec client_security 2.0.1_build_9.0.1.1000
symantec client_security 2.0.2
symantec client_security 2.0.2_build_9.0.2.1000
symantec client_security 2.0.3
symantec client_security 2.0.3_build_9.0.3.1000
symantec client_security 2.0_scf_7.1
symantec client_security 2.0_stm_build_9.0.0.338
symantec norton_antivirus 8.1
symantec norton_antivirus 8.1.0.825a
symantec norton_antivirus 8.1.1
symantec norton_antivirus 8.1.1.319
symantec norton_antivirus 8.1.1.323
symantec norton_antivirus 8.1.1.329
symantec norton_antivirus 8.1.1.366
symantec norton_antivirus 8.1.1.377
symantec norton_antivirus 8.1.1_build8.1.1.314a
symantec norton_antivirus 8.1.1_build393
symantec norton_antivirus 8.01.434
symantec norton_antivirus 8.01.437
symantec norton_antivirus 8.01.446
symantec norton_antivirus 8.01.457
symantec norton_antivirus 8.01.460
symantec norton_antivirus 8.01.464
symantec norton_antivirus 8.01.471
symantec norton_antivirus 9.0.1
symantec norton_antivirus 9.0.1.1.1000
symantec norton_antivirus 9.0.1.1000
symantec norton_antivirus 9.0.2
symantec norton_antivirus 9.0.2.1000


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DA2590E-DFB0-4B72-99BC-B49AD97A4969",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*",
              "matchCriteriaId": "766C850E-817E-41AB-B0FF-413513548BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
              "matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
              "matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
              "matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A0176BE-3D55-422B-9FDD-961A00CFAC19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA3D7305-B8D0-4165-9F0F-50A49142EF2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "251E7DE8-4485-438E-B62D-1BF508ECCCF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "742DB20E-AB26-4CF4-A383-BDCF3FBA448F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E4BCD7-E441-417A-8C52-E1DE80AD67CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
              "matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7C2D813-C219-4FF3-9C3B-DBB855480492",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A00A25-A52F-4E9D-AAD0-194171C772FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "3A82AC27-8BE6-47F7-A6EC-F4C21373AA58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "ECAA6170-5520-4AA9-8358-5F91FD10420E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EAE76215-2A7E-4D71-8757-AE10E4A9AE0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "AF45DF9D-D7BE-41AD-A838-0AF9A264EBFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "902A4011-83C5-4A3B-B443-C51EA855E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "9603C423-F24A-4607-B721-D02EDA94AE8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "574AAAA6-8181-457B-84CE-5AEB1895E3B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "DF957AD3-B6E5-4BD7-832F-33E734817B77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function."
    },
    {
      "lang": "es",
      "value": "El controlador de dispositivo SAVRT.SYS, utilizado en Symantec AntiVirus Corporate Edition 8.1 y 9.0.x hasta 9.0.3, y en Symantec Client Security 1.1 y 2.0.x hasta 2.0.3, permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante una direcci\u00f3n modificada para el argumento de b\u00fafer de salida en la funci\u00f3n DeviceIOControl."
    }
  ],
  "id": "CVE-2006-3455",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-10-23T20:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/22536"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017108"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20684"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4157"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22536"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4157"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.