cvelistv5 - cve-2007-3800

cve-2007-3800

Vulnerability from cvelistv5

Published

2007-07-16 23:00

Modified

2024-08-07 14:28

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/36116
cve@mitre.org	http://secunia.com/advisories/26054	Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html
cve@mitre.org	http://www.securityfocus.com/bid/24810
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2506
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35352
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/36116
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26054	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24810
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2506
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35352

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:28:52.473Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "symantec-antivirus-rtv-privilege-escalation(35352)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
          },
          {
            "name": "24810",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24810"
          },
          {
            "name": "26054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26054"
          },
          {
            "name": "ADV-2007-2506",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2506"
          },
          {
            "name": "36116",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36116"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "symantec-antivirus-rtv-privilege-escalation(35352)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
        },
        {
          "name": "24810",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24810"
        },
        {
          "name": "26054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26054"
        },
        {
          "name": "ADV-2007-2506",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2506"
        },
        {
          "name": "36116",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36116"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3800",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "symantec-antivirus-rtv-privilege-escalation(35352)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
            },
            {
              "name": "24810",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24810"
            },
            {
              "name": "26054",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26054"
            },
            {
              "name": "ADV-2007-2506",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2506"
            },
            {
              "name": "36116",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36116"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3800",
    "datePublished": "2007-07-16T23:00:00",
    "dateReserved": "2007-07-16T00:00:00",
    "dateUpdated": "2024-08-07T14:28:52.473Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3800\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-16T23:30:00.000\",\"lastModified\":\"2024-11-21T00:34:05.940\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente Real-time scanner (RTVScan) en Symantec AntiVirus Corporate Edition 9.0 hasta la 10.1 y Client Security 2.0 hasta la 3.1, cuando la ventana Notification Message est\u00e1 activada, permite a usuarios locales ganar privilegios a trav\u00e9s de c\u00f3digo manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":6.0,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0\",\"matchCriteriaId\":\"0E45E229-0B88-43A6-9888-054520F87EA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDD0E02-306D-4675-B73A-2C2F619CDDCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5324D40A-76EA-4CC4-A1B1-971069A4E161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:*:*:corporate:*:*:*:*:*\",\"versionEndIncluding\":\"10.1\",\"matchCriteriaId\":\"34A605C6-2412-469D-BCF3-518BEAD90579\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"D9E85FD6-9E89-4497-854C-60A20639CE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"CAC5389A-8B18-40C4-A3E0-E50B6AA724FC\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/36116\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/26054\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24810\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2506\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35352\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/36116\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/26054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24810\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35352\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2007-3800

Vulnerability from fkie_nvd

Published

2007-07-16 23:30

Modified

2024-11-21 00:34

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/36116
cve@mitre.org	http://secunia.com/advisories/26054	Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html
cve@mitre.org	http://www.securityfocus.com/bid/24810
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2506
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35352
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/36116
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26054	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24810
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2506
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35352

Impacted products

Vendor	Product	Version
symantec	client_security	*
symantec	client_security	2.0
symantec	client_security	2.1
symantec	norton_antivirus	*
symantec	norton_antivirus	9.0
symantec	norton_antivirus	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E45E229-0B88-43A6-9888-054520F87EA0",
              "versionEndIncluding": "3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5324D40A-76EA-4CC4-A1B1-971069A4E161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "34A605C6-2412-469D-BCF3-518BEAD90579",
              "versionEndIncluding": "10.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Real-time scanner (RTVScan) en Symantec AntiVirus Corporate Edition 9.0 hasta la 10.1 y Client Security 2.0 hasta la 3.1, cuando la ventana Notification Message est\u00e1 activada, permite a usuarios locales ganar privilegios a trav\u00e9s de c\u00f3digo manipulado."
    }
  ],
  "id": "CVE-2007-3800",
  "lastModified": "2024-11-21T00:34:05.940",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-16T23:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/36116"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24810"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/36116"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2007-3800

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-3800

Aliases

CVE-2007-3800

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3800",
    "description": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.",
    "id": "GSD-2007-3800"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3800"
      ],
      "details": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.",
      "id": "GSD-2007-3800",
      "modified": "2023-12-13T01:21:42.221117Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3800",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "symantec-antivirus-rtv-privilege-escalation(35352)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
          },
          {
            "name": "24810",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24810"
          },
          {
            "name": "26054",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26054"
          },
          {
            "name": "ADV-2007-2506",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2506"
          },
          {
            "name": "36116",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/36116"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3800"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
            },
            {
              "name": "24810",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24810"
            },
            {
              "name": "26054",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/26054"
            },
            {
              "name": "ADV-2007-2506",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2506"
            },
            {
              "name": "36116",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/36116"
            },
            {
              "name": "symantec-antivirus-rtv-privilege-escalation(35352)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-29T01:32Z",
      "publishedDate": "2007-07-16T23:30Z"
    }
  }
}

ghsa-9r2m-wv8g-mp4x

Vulnerability from github

Published

2022-05-01 18:17

Modified

2022-05-01 18:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3800"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-16T23:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.",
  "id": "GHSA-9r2m-wv8g-mp4x",
  "modified": "2022-05-01T18:17:21Z",
  "published": "2022-05-01T18:17:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3800"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/36116"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26054"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24810"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2506"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code. A local attacker can exploit this issue to elevate privileges to the SYSTEM level. This could facilitate a complete compromise of the affected computer. Symantec AntiVirus is a very popular antivirus solution. There is a loophole in Symantec AntiVirus processing log display. If this feature is enabled, local non-privileged users can use this window to gain system and privileges and execute arbitrary commands in the system.

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

The vulnerability is caused due to an error in the Real-Time scanner (RTVScan) component when displaying a notification window containing information on threats found on a system. This can be exploited to execute arbitrary code with SYSTEM privileges. http://www.symantec.com/enterprise/support/all_products.jsp

Symantec AntiVirus Corporate Edition 9.0: SAV 9.0.6 MR6 MP1- build 1100 or later

Symantec AntiVirus Corporate Edition 10.0/10.1: 10.1.4 MR4 MP1- build 4010 or later

Symantec Client Security 2.0: SCS 2.0.6 MR6 MP1 - build 1100 or later

Symantec Client Security 3.0/3.1: SCS 3.1.4 MR4 MP1 - build 4010 or later

PROVIDED AND/OR DISCOVERED BY: The vendor credits Ali Rhabar, Sysdream.

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200707-0218",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "2.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "client security",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "norton antivirus",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "2.0 to  3.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "corporate edition 9.0 to  10.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.401"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.400"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.396"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.394"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2021"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2020"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2011"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2010"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2002"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2000"
      },
      {
        "model": "client security build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.51100"
      },
      {
        "model": "client security mr4 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.41000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.4"
      },
      {
        "model": "client security mr3 b9.0.3.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.3"
      },
      {
        "model": "client security mr2 b9.0.2.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.2"
      },
      {
        "model": "client security mr1 b9.0.1.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "client security stm build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.09.0.0.338"
      },
      {
        "model": "client security (scf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.07.1)"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1008"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1007"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.0.359"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.4"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.401"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.400"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.396"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.394"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2021"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2020"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2011"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2010"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2002"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2001"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.5.1100"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.5"
      },
      {
        "model": "antivirus corporate edition mr4 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.41000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.4"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.3.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.2.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.1.1.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.0.338"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.1.1008"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.1.1007"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.1.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.0.359"
      },
      {
        "model": "client security mr4 mp1 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.4-4010"
      },
      {
        "model": "client security mr6 mp1 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.6-1100"
      },
      {
        "model": "antivirus corporate edition mr4 mp1 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.4-4010"
      },
      {
        "model": "antivirus corporate edition mr6 mp1 build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.6-1100"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.2"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.6.6000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.1.4.4010"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:symantec:client_security",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:symantec:norton_antivirus",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ali Rahbar",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-3800",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.5,
            "id": "CVE-2007-3800",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 1.5,
            "id": "VHN-27162",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:H/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-3800",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-3800",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200707-306",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-27162",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code. \nA local attacker can exploit this issue to elevate privileges to the SYSTEM level. This could facilitate a complete compromise of the affected computer. Symantec AntiVirus is a very popular antivirus solution. There is a loophole in Symantec AntiVirus processing log display. If this feature is enabled, local non-privileged users can use this window to gain system and privileges and execute arbitrary commands in the system. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nThe vulnerability is caused due to an error in the Real-Time scanner\n(RTVScan) component when displaying a notification window containing\ninformation on threats found on a system. This can be exploited to\nexecute arbitrary code with SYSTEM privileges. \nhttp://www.symantec.com/enterprise/support/all_products.jsp\n\nSymantec AntiVirus Corporate Edition 9.0:\nSAV 9.0.6 MR6 MP1- build 1100 or later\n\nSymantec AntiVirus Corporate Edition 10.0/10.1:\n10.1.4 MR4 MP1- build 4010 or later\n\nSymantec Client Security 2.0:\nSCS 2.0.6 MR6 MP1 - build 1100 or later\n\nSymantec Client Security 3.0/3.1:\nSCS 3.1.4 MR4 MP1 - build 4010 or later\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Ali Rhabar, Sysdream. \n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "db": "PACKETSTORM",
        "id": "57694"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-3800",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "24810",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "26054",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2506",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "36116",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "35352",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-27162",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "57694",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "PACKETSTORM",
        "id": "57694"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "id": "VAR-200707-0218",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:49:02.285000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM07-017",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2007.07.11c.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/24810"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/26054"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/36116"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/2506"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35352"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3800"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3800"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/2506"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/35352"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/products/enterprise?c=prodinfo\u0026refid=805"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/smb/products/overview.jsp?pcid=end_sec\u0026pvid=scs31"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/avcenter/security/content/2007.07.11c.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/enterprise/support/all_products.jsp"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3549/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6649/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26054/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3478/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5555/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "PACKETSTORM",
        "id": "57694"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "db": "PACKETSTORM",
        "id": "57694"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-07-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "date": "2007-07-11T00:00:00",
        "db": "BID",
        "id": "24810"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "date": "2007-07-13T00:55:11",
        "db": "PACKETSTORM",
        "id": "57694"
      },
      {
        "date": "2007-07-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "date": "2007-07-16T23:30:00",
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-27162"
      },
      {
        "date": "2015-05-07T17:37:00",
        "db": "BID",
        "id": "24810"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      },
      {
        "date": "2007-07-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      },
      {
        "date": "2024-11-21T00:34:05.940000",
        "db": "NVD",
        "id": "CVE-2007-3800"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "PACKETSTORM",
        "id": "57694"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec AntiVirus Corporate Edition and  Client Security of  RTVScan Vulnerability gained privileges in components",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-005862"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "24810"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-306"
      }
    ],
    "trust": 0.9
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2007-3800

Vulnerability from cvelistv5

fkie_cve-2007-3800

Vulnerability from fkie_nvd

gsd-2007-3800

Vulnerability from gsd

ghsa-9r2m-wv8g-mp4x

Vulnerability from github

var-200707-0218

Vulnerability from variot

Tags

Sightings

Nomenclature