Insufficient Argument Validation in Symantec Norton Personal Firewall
CVE-2007-1793

Currently unrated

Key Information:

Vendor: Symantec
Status: Client Security; Antivirus; Norton Internet Security; Norton System Works
Vendor: CVE Published:; 2 April 2007

Summary

The SPBBCDrv.sys driver in Symantec Norton Personal Firewall 2006 does not properly validate specific arguments before passing them to hooked SSDT function handlers. This flaw may allow local users to instigate a denial of service through system crashes or potentially execute arbitrary code via crafted input to the NtCreateMutant and NtOpenEvent functions. Reports indicate that Norton Internet Security 2008 and earlier versions could also be vulnerable to this issue.

References

http://www.vupen.com/english/advisories/2007/1192

vdb-entryx_refsource_VUPEN

http://www.matousec.com/info/advisories/Norton-Multiple-i...

x_refsource_MISC

http://www.securityfocus.com/archive/1/464456/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Apr 2, 2007
Vulnerability Reserved
Apr 2, 2007