ID CVE-2006-4927
Summary The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB. Update 20061.3.0.12 has been released by the vendor for each vulnerable driver. Additionally, an update to the virus definitions (October 4, 2006 revision 9 or later) is required.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:naveng_driver:*:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:naveng_driver:*:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:navex15_driver:*:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:navex15_driver:*:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 17-10-2018 - 21:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 20360
bugtraq 20061005 [Reversemode Advisory] Symantec Antivirus Engine Privilege Escalation
cert-vn VU#946820
confirm http://www.symantec.com/avcenter/security/Content/2006.10.05a.html
idefense 20061005 Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability
sectrack
  • 1016994
  • 1016995
  • 1016996
  • 1016997
  • 1016998
  • 1016999
  • 1017000
  • 1017001
  • 1017002
secunia 22288
sreason 1690
vupen ADV-2006-3928
xf symantec-ioctl-privilege-escalation(29360)
Last major update 17-10-2018 - 21:40
Published 10-10-2006 - 04:06
Last modified 17-10-2018 - 21:40
Back to Top