Privilege Escalation Flaw in Symantec AntiVirus Corporate Edition and Client Security
CVE-2007-3800

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus; Client Security
Vendor: CVE Published:; 16 July 2007

Summary

This vulnerability affects the Real-time scanner (RTVScan) component of Symantec AntiVirus Corporate Edition and Client Security, enabling local users to execute crafted code that can elevate their privileges, especially when the Notification Message window is activated. This could pose significant risks as attackers may exploit this flaw to gain unauthorized access to sensitive system features. Organizations using the affected versions should take immediate steps to implement mitigations and ensure their systems are secured.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35352

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/24810

vdb-entryx_refsource_BID

http://secunia.com/advisories/26054

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 16, 2007
Vulnerability Reserved
Jul 16, 2007