fkie_cve-2007-3673
Vulnerability from fkie_nvd
Published
2007-07-15 21:30
Modified
2024-11-21 00:33
Severity ?
Summary
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_security | 2.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.1 | |
| symantec | norton_antispam | 2005 | |
| symantec | norton_antivirus | 9.0 | |
| symantec | norton_antivirus | 9.0.0.338 | |
| symantec | norton_antivirus | 9.0.1 | |
| symantec | norton_antivirus | 9.0.1.1.1000 | |
| symantec | norton_antivirus | 9.0.1.1000 | |
| symantec | norton_antivirus | 9.0.2 | |
| symantec | norton_antivirus | 9.0.2.1000 | |
| symantec | norton_antivirus | 9.0.3.1000 | |
| symantec | norton_antivirus | 9.0.4 | |
| symantec | norton_antivirus | 9.0.5 | |
| symantec | norton_antivirus | 9.0.5.1100 | |
| symantec | norton_antivirus | 10.0 | |
| symantec | norton_antivirus | 10.1 | |
| symantec | norton_antivirus | 2005 | |
| symantec | norton_antivirus | 2006 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_personal_firewall | 2005 | |
| symantec | norton_personal_firewall | 2006 | |
| symantec | norton_system_works | 2005 | |
| symantec | norton_system_works | 2006 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
"matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
},
{
"lang": "es",
"value": "Symantec symtdi.sys versiones anteriores a 7.0.0, tal y como se distribuye en Symantec AntiVirus Corporate Edition 9 hata 10.1 y Client Security 2.0 hasta 3.1, Norton AntiSpam 2005, y Norton AntiVirus, Internet Security, Personal Firewall, y System Works 2005 y 2006; permite a usuarios locales obtener privilegios mediante un Interrupt Request Packet (Irp) manipulado en una petici\u00f3n IOCTL 0x83022323 a \\\\symTDI\\, que resulta en una sobre-escritura de memoria."
}
],
"id": "CVE-2007-3673",
"lastModified": "2024-11-21T00:33:47.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36117"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26042"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018372"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.