Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-3455

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Published

2006-10-23T20:07:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.1

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application symantec client_security 1.1 Yes
Application symantec client_security 1.1.1 Yes
Application symantec client_security 1.1.1_build_393 Yes
Application symantec client_security 1.1.1_mr1_build_8.1.1.314a Yes
Application symantec client_security 1.1.1_mr2_build_8.1.1.319 Yes
Application symantec client_security 1.1.1_mr3_build_8.1.1.323 Yes
Application symantec client_security 1.1.1_mr4_build_8.1.1.329 Yes
Application symantec client_security 1.1.1_mr5_build_8.1.1.336 Yes
Application symantec client_security 1.1.1_mr6_b8.1.1.266 Yes
Application symantec client_security 1.1_stm_b8.1.0.825a Yes
Application symantec client_security 2.0 Yes
Application symantec client_security 2.0.1 Yes
Application symantec client_security 2.0.1_build_9.0.1.1000 Yes
Application symantec client_security 2.0.2 Yes
Application symantec client_security 2.0.2_build_9.0.2.1000 Yes
Application symantec client_security 2.0.3 Yes
Application symantec client_security 2.0.3_build_9.0.3.1000 Yes
Application symantec client_security 2.0_scf_7.1 Yes
Application symantec client_security 2.0_stm_build_9.0.0.338 Yes
Application symantec norton_antivirus 8.1 Yes
Application symantec norton_antivirus 8.1.0.825a Yes
Application symantec norton_antivirus 8.1.1 Yes
Application symantec norton_antivirus 8.1.1.319 Yes
Application symantec norton_antivirus 8.1.1.323 Yes
Application symantec norton_antivirus 8.1.1.329 Yes
Application symantec norton_antivirus 8.1.1.366 Yes
Application symantec norton_antivirus 8.1.1.377 Yes
Application symantec norton_antivirus 8.1.1_build8.1.1.314a Yes
Application symantec norton_antivirus 8.1.1_build393 Yes
Application symantec norton_antivirus 8.01.434 Yes
Application symantec norton_antivirus 8.01.437 Yes
Application symantec norton_antivirus 8.01.446 Yes
Application symantec norton_antivirus 8.01.457 Yes
Application symantec norton_antivirus 8.01.460 Yes
Application symantec norton_antivirus 8.01.464 Yes
Application symantec norton_antivirus 8.01.471 Yes
Application symantec norton_antivirus 9.0.1 Yes
Application symantec norton_antivirus 9.0.1.1.1000 Yes
Application symantec norton_antivirus 9.0.1.1000 Yes
Application symantec norton_antivirus 9.0.2 Yes
Application symantec norton_antivirus 9.0.2.1000 Yes
References