Local Privilege Escalation in Symantec AntiVirus and Related Products
CVE-2007-3673

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus; Client Security; Norton System Works; Norton Antispam
Vendor: CVE Published:; 15 July 2007

Summary

The vulnerability lies within the symtdi.sys driver in several Symantec products, where a malformed Interrupt Request Packet (IRP) in an IOCTL 0x83022323 request can lead to unauthorized local privilege escalation. This allows local users to gain elevated privileges and potentially modify system settings or access sensitive data, posing significant security risks for affected systems. Users are encouraged to update their software to the latest versions to mitigate these risks.

References

http://secunia.com/advisories/26042

third-party-advisoryx_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/35347

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jul 15, 2007
Vulnerability Reserved
Jul 10, 2007