|
|
CVE Reference: CVE-2006-4855 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4855 |
|
|
Description: The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/28960 ST 1016889 1016892 1016893 1016894 1016895 1016896 1016897 1016898 SREASON http://securityreason.com/securityalert/1591 SAID Secunia Advisory: SA21938 MISC http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php CONFIRM http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/446111/100/0/threaded BID 20051 |
|
| Return to the previous page. |
