CVE-2006-4927 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4927
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4927

Description: The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29360 ST 1016999 1017000 1016998 1016997 1016994 1016995 1016996 1017001 1017002 SREASON http://securityreason.com/securityalert/1690 SAID Secunia Advisory: SA22288 IDEFENSE http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 CONFIRM http://www.symantec.com/avcenter/security/Content/2006.10.05a.html CERT-VN 946820 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447849/100/0/threaded BID 20360

Return to the previous page.