Denial of Service Vulnerability in Symantec Norton Personal Firewall and Related Products
CVE-2007-1476

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus; Client Security; Norton System Works; Norton Personal Firewall
Vendor: CVE Published:; 16 March 2007

Summary

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall and other related products can be exploited by local users sending specifically crafted data to the driver's device file. This action results in invalid memory access, leading to a system crash and a denial of service. Various versions of Norton products, including the Internet Security suites and AntiVirus Corporate Editions, are affected by this vulnerability, requiring users to update or apply mitigations to ensure system stability and security.

References

http://www.symantec.com/avcenter/security/Content/2007.09...

x_refsource_CONFIRM

http://www.securityfocus.com/archive/1/462926/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=full-disclosure&m=117396596027148&w=2

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Mar 16, 2007
Vulnerability Reserved
Mar 16, 2007