CVE-2007-3673 : Detail

CVE-2007-3673

0.04%V3
Local
2007-07-15
19h00 +00:00
2017-07-28
10h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 4178

Publication date : 2007-07-11 22h00 +00:00
Author : Zohiartze Herce
EDB Verified : Yes

Symantec AntiVirus symtdi.sys Local Privilege Escalation Author: Zohiartze Herce Site: http://48bits.com https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4178.rar (07122007-symTDI_advisory.rar) # milw0rm.com [2007-07-12]

Products Mentioned

Configuraton 0

Symantec>>Client_security >> Version 2.0

Symantec>>Client_security >> Version 3.0

Symantec>>Client_security >> Version 3.1

Symantec>>Norton_antispam >> Version 2005

    Symantec>>Norton_antivirus >> Version 9.0

      Symantec>>Norton_antivirus >> Version 9.0.0.338

        Symantec>>Norton_antivirus >> Version 9.0.1

          Symantec>>Norton_antivirus >> Version 9.0.1.1.1000

            Symantec>>Norton_antivirus >> Version 9.0.1.1000

              Symantec>>Norton_antivirus >> Version 9.0.2

                Symantec>>Norton_antivirus >> Version 9.0.2.1000

                  Symantec>>Norton_antivirus >> Version 9.0.3.1000

                    Symantec>>Norton_antivirus >> Version 9.0.4

                      Symantec>>Norton_antivirus >> Version 9.0.5

                        Symantec>>Norton_antivirus >> Version 9.0.5.1100

                          Symantec>>Norton_antivirus >> Version 10.0

                            Symantec>>Norton_antivirus >> Version 10.1

                              Symantec>>Norton_antivirus >> Version 2005

                                Symantec>>Norton_antivirus >> Version 2006

                                  Symantec>>Norton_internet_security >> Version 2005

                                    Symantec>>Norton_internet_security >> Version 2006

                                      Symantec>>Norton_personal_firewall >> Version 2005

                                        Symantec>>Norton_personal_firewall >> Version 2006

                                          Symantec>>Norton_system_works >> Version 2005

                                            Symantec>>Norton_system_works >> Version 2006

                                              References

                                              http://secunia.com/advisories/26042
                                              Tags : third-party-advisory, x_refsource_SECUNIA
                                              http://www.securityfocus.com/bid/22351
                                              Tags : vdb-entry, x_refsource_BID
                                              http://www.vupen.com/english/advisories/2007/2507
                                              Tags : vdb-entry, x_refsource_VUPEN
                                              http://osvdb.org/36117
                                              Tags : vdb-entry, x_refsource_OSVDB
                                              http://securitytracker.com/id?1018372
                                              Tags : vdb-entry, x_refsource_SECTRACK
                                              http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554
                                              Tags : third-party-advisory, x_refsource_IDEFENSE