CVE-2006-4855 : Detail

CVE-2006-4855

0.04%V3
Local
2006-09-19
16h00 +00:00
2018-10-17
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-399 Category : Resource Management Errors
Weaknesses in this category are related to improper management of system resources.

Metrics

Metrics Score Severity CVSS Vector Source
V2 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 28588

Publication date : 2006-09-14 22h00 +00:00
Author : David Matousek
EDB Verified : Yes

source: https://www.securityfocus.com/bid/20051/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver. A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users. Please see the vulnerable systems section for details regarding affected Symantec products. https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/28588.zip

Products Mentioned

Configuraton 0

Symantec>>Client_security >> Version 1.0

Symantec>>Client_security >> Version 1.0.0_b8.01.9378

    Symantec>>Client_security >> Version 1.0.1

    Symantec>>Client_security >> Version 1.0.1_build_8.01.425a

    Symantec>>Client_security >> Version 1.0.1_build_8.01.429c

    Symantec>>Client_security >> Version 1.0.1_build_8.01.434

    Symantec>>Client_security >> Version 1.0.1_build_8.01.437

    Symantec>>Client_security >> Version 1.0.1_build_8.01.446

    Symantec>>Client_security >> Version 1.0.1_build_8.01.457

    Symantec>>Client_security >> Version 1.0.1_build_8.01.460

    Symantec>>Client_security >> Version 1.0.1_build_8.01.464

    Symantec>>Client_security >> Version 1.0.1_build_8.01.471

    Symantec>>Client_security >> Version 1.0.1_build_8.01.501

    Symantec>>Client_security >> Version 1.0_build_8.01.9374

    Symantec>>Client_security >> Version 1.1

      Symantec>>Client_security >> Version 1.1.1

      Symantec>>Client_security >> Version 1.1.1_build_393

        Symantec>>Client_security >> Version 1.1.1_mr1_build_8.1.1.314a

        Symantec>>Client_security >> Version 1.1.1_mr2_build_8.1.1.319

        Symantec>>Client_security >> Version 1.1.1_mr3_build_8.1.1.323

        Symantec>>Client_security >> Version 1.1.1_mr4_build_8.1.1.329

        Symantec>>Client_security >> Version 1.1.1_mr5_build_8.1.1.336

        Symantec>>Client_security >> Version 1.1.1_mr6_b8.1.1.266

          Symantec>>Client_security >> Version 1.1_stm_b8.1.0.825a

            Symantec>>Client_security >> Version 2.0

            Symantec>>Client_security >> Version 2.0.1_build_9.0.1.1000

            Symantec>>Client_security >> Version 2.0.2_build_9.0.2.1000

            Symantec>>Client_security >> Version 2.0.3_build_9.0.3.1000

            Symantec>>Client_security >> Version 2.0.5_build_1100

              Symantec>>Client_security >> Version 2.0_scf_7.1

                Symantec>>Client_security >> Version 2.0_stm_build_9.0.0.338

                  Symantec>>Client_security >> Version 3.0

                  Symantec>>Client_security >> Version 3.1

                  Symantec>>Host_ids >> Version *

                  Symantec>>Norton_antivirus >> Version 2.1

                    Symantec>>Norton_antivirus >> Version 8.0

                      Symantec>>Norton_antivirus >> Version 8.0.1

                        Symantec>>Norton_antivirus >> Version 8.0.1.425a

                          Symantec>>Norton_antivirus >> Version 8.0.1.425c

                            Symantec>>Norton_antivirus >> Version 8.0.1.501

                              Symantec>>Norton_antivirus >> Version 8.0.1.9374

                                Symantec>>Norton_antivirus >> Version 8.0.1.9378

                                  Symantec>>Norton_antivirus >> Version 8.1

                                    Symantec>>Norton_antivirus >> Version 8.1.0.825a

                                      Symantec>>Norton_antivirus >> Version 8.1.1

                                        Symantec>>Norton_antivirus >> Version 8.1.1.319

                                        Symantec>>Norton_antivirus >> Version 8.1.1.323

                                        Symantec>>Norton_antivirus >> Version 8.1.1.329

                                        Symantec>>Norton_antivirus >> Version 8.1.1.366

                                          Symantec>>Norton_antivirus >> Version 8.1.1.377

                                            Symantec>>Norton_antivirus >> Version 8.1.1_build8.1.1.314a

                                            Symantec>>Norton_antivirus >> Version 8.1.1_build393

                                              Symantec>>Norton_antivirus >> Version 8.01.434

                                              Symantec>>Norton_antivirus >> Version 8.01.437

                                              Symantec>>Norton_antivirus >> Version 8.01.446

                                              Symantec>>Norton_antivirus >> Version 8.01.457

                                              Symantec>>Norton_antivirus >> Version 8.01.460

                                              Symantec>>Norton_antivirus >> Version 8.01.464

                                              Symantec>>Norton_antivirus >> Version 8.01.471

                                              Symantec>>Norton_antivirus >> Version 9.0

                                                Symantec>>Norton_antivirus >> Version 9.0.0.338

                                                  Symantec>>Norton_antivirus >> Version 9.0.1.1.1000

                                                    Symantec>>Norton_antivirus >> Version 9.0.2.1000

                                                      Symantec>>Norton_antivirus >> Version 9.0.3.1000

                                                        Symantec>>Norton_antivirus >> Version 9.0.4

                                                          Symantec>>Norton_antivirus >> Version 9.0.5

                                                            Symantec>>Norton_antivirus >> Version 9.0.5.1100

                                                              Symantec>>Norton_antivirus >> Version 10.0

                                                                Symantec>>Norton_antivirus >> Version 10.0.2.2000

                                                                  Symantec>>Norton_antivirus >> Version 10.0.2.2001

                                                                    Symantec>>Norton_antivirus >> Version 10.0.2.2002

                                                                      Symantec>>Norton_antivirus >> Version 10.0.2.2010

                                                                        Symantec>>Norton_antivirus >> Version 10.0.2.2011

                                                                          Symantec>>Norton_antivirus >> Version 10.0.2.2020

                                                                            Symantec>>Norton_antivirus >> Version 10.0.2.2021

                                                                              Symantec>>Norton_antivirus >> Version 10.1

                                                                                Symantec>>Norton_antivirus >> Version 2003

                                                                                  Symantec>>Norton_antivirus >> Version 2003

                                                                                    Symantec>>Norton_antivirus >> Version 2004

                                                                                      Symantec>>Norton_antivirus >> Version 2005

                                                                                        Symantec>>Norton_antivirus >> Version 2006

                                                                                          Symantec>>Norton_antivirus >> Version 2007

                                                                                            Symantec>>Norton_internet_security >> Version 2003

                                                                                              Symantec>>Norton_internet_security >> Version 2003

                                                                                                Symantec>>Norton_internet_security >> Version 2004

                                                                                                Symantec>>Norton_internet_security >> Version 2004

                                                                                                Symantec>>Norton_internet_security >> Version 2005

                                                                                                  Symantec>>Norton_internet_security >> Version 2005

                                                                                                    Symantec>>Norton_internet_security >> Version 2006

                                                                                                      Symantec>>Norton_internet_security >> Version 2007

                                                                                                        Symantec>>Norton_personal_firewall >> Version 2003

                                                                                                          Symantec>>Norton_personal_firewall >> Version 2004

                                                                                                            Symantec>>Norton_personal_firewall >> Version 2005

                                                                                                              Symantec>>Norton_personal_firewall >> Version 2006

                                                                                                                Symantec>>Norton_system_works >> Version 2003_professional_edition

                                                                                                                  Symantec>>Norton_system_works >> Version 2004

                                                                                                                  Symantec>>Norton_system_works >> Version 2004_professional_edition

                                                                                                                    Symantec>>Norton_system_works >> Version 2005

                                                                                                                      Symantec>>Norton_system_works >> Version 2005_premier

                                                                                                                        Symantec>>Norton_system_works >> Version 2006

                                                                                                                          Symantec>>Pcanywhere >> Version 11.5

                                                                                                                          References

                                                                                                                          http://securitytracker.com/id?1016892
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://secunia.com/advisories/21938
                                                                                                                          Tags : third-party-advisory, x_refsource_SECUNIA
                                                                                                                          http://securitytracker.com/id?1016893
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://securitytracker.com/id?1016895
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://securitytracker.com/id?1016889
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://securitytracker.com/id?1016897
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://securityreason.com/securityalert/1591
                                                                                                                          Tags : third-party-advisory, x_refsource_SREASON
                                                                                                                          http://securitytracker.com/id?1016896
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://www.securityfocus.com/bid/20051
                                                                                                                          Tags : vdb-entry, x_refsource_BID
                                                                                                                          http://www.vupen.com/english/advisories/2006/3636
                                                                                                                          Tags : vdb-entry, x_refsource_VUPEN
                                                                                                                          http://securitytracker.com/id?1016894
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK
                                                                                                                          http://securitytracker.com/id?1016898
                                                                                                                          Tags : vdb-entry, x_refsource_SECTRACK