CVE-2006-3455

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus; Client Security
Vendor: CVE Published:; 23 October 2006

Summary

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29762

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/20684

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2006/4157

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Oct 23, 2006
Vulnerability Reserved
Jul 7, 2006