Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2006-4855

Published: 19/09/2006 Updated: 17/10/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 495
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Symantec

Vulnerability Summary

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

Vulnerable Product Search on Vulmon Subscribe to Product

symantec client security 1.0.1_build_8.01.425a

symantec client security 1.0.1_build_8.01.429c

symantec client security 1.0.1_build_8.01.471

symantec client security 1.0.1_build_8.01.501

symantec client security 1.0_build_8.01.9374

symantec client security 1.1.1_mr4_build_8.1.1.329

symantec client security 1.1.1_mr5_build_8.1.1.336

symantec client security 2.0.5_build_1100

symantec client security 2.0_scf_7.1

symantec norton antivirus 10.0.2.2010

symantec norton antivirus 10.0.2.2011

symantec norton antivirus 2003

symantec norton antivirus 2004

symantec norton antivirus 8.0.1.9374

symantec norton antivirus 8.0.1.9378

symantec norton antivirus 8.01.464

symantec norton antivirus 8.01.471

symantec norton antivirus 8.1.1

symantec norton antivirus 8.1.1_build393

symantec norton antivirus 9.0.4

symantec norton antivirus 9.0.5.1100

symantec client security 1.0.1_build_8.01.434

symantec client security 1.0.1_build_8.01.437

symantec client security 1.1

symantec client security 1.1.1

symantec client security 1.1.1_mr6_b8.1.1.266

symantec client security 1.1_stm_b8.1.0.825a

symantec client security 2.0_stm_build_9.0.0.338

symantec client security 3.0

symantec norton antivirus 10.0.2.2020

symantec norton antivirus 10.0.2.2021

symantec norton antivirus 2005

symantec norton antivirus 2006

symantec norton antivirus 8.0.1

symantec norton antivirus 8.0

symantec norton antivirus 8.1.0.825a

symantec norton antivirus 8.1.1.319

symantec norton antivirus 8.1.1_build8.1.1.314a

symantec norton antivirus 8.1

symantec norton antivirus 9.0.5

symantec norton antivirus 9.0

symantec norton internet security 2003

symantec norton internet security 2007

symantec norton personal firewall 2003

symantec norton system works 2005

symantec norton system works 2005_premier

symantec norton internet security 2005

symantec norton internet security 2006

symantec norton system works 2004

symantec norton system works 2004_professional_edition

symantec client security 1.0

symantec client security 1.0.1_build_8.01.446

symantec client security 1.0.1_build_8.01.457

symantec client security 1.1.1_build_393

symantec client security 1.1.1_mr1_build_8.1.1.314a

symantec client security 2.0

symantec client security 2.0.1_build_9.0.1.1000

symantec client security 3.1

symantec host ids

symantec norton antivirus 10.0

symantec norton antivirus 10.1

symantec norton antivirus 2007

symantec norton antivirus 8.0.1.425a

symantec norton antivirus 8.01.434

symantec norton antivirus 8.01.437

symantec norton antivirus 8.01.446

symantec norton antivirus 8.1.1.323

symantec norton antivirus 8.1.1.329

symantec norton antivirus 9.0.0.338

symantec norton antivirus 9.0.1.1.1000

symantec norton internet security 2004

symantec norton personal firewall 2004

symantec norton personal firewall 2005

symantec norton system works 2006

symantec pcanywhere 11.5

symantec client security 1.0.0_b8.01.9378

symantec client security 1.0.1

symantec client security 1.0.1_build_8.01.460

symantec client security 1.0.1_build_8.01.464

symantec client security 1.1.1_mr2_build_8.1.1.319

symantec client security 1.1.1_mr3_build_8.1.1.323

symantec client security 2.0.2_build_9.0.2.1000

symantec client security 2.0.3_build_9.0.3.1000

symantec norton antivirus 10.0.2.2000

symantec norton antivirus 10.0.2.2001

symantec norton antivirus 10.0.2.2002

symantec norton antivirus 2.1

symantec norton antivirus 8.0.1.425c

symantec norton antivirus 8.0.1.501

symantec norton antivirus 8.01.457

symantec norton antivirus 8.01.460

symantec norton antivirus 8.1.1.366

symantec norton antivirus 8.1.1.377

symantec norton antivirus 9.0.2.1000

symantec norton antivirus 9.0.3.1000

symantec norton personal firewall 2006

symantec norton system works 2003_professional_edition

Exploits

Exploit DB: Symantec (Multiple Products) - 'SymEvent' Driver Local Denial of Service
source: wwwsecurityfocuscom/bid/20051/info Multiple Symantec products are prone to a local denial-of-service vulnerability This issue occurs when attackers send malformed data to the 'SymEvent' driver A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users Please see the ...

References

CWE-399http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.phphttp://www.securityfocus.com/bid/20051http://secunia.com/advisories/21938http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.htmlhttp://securitytracker.com/id?1016889http://securitytracker.com/id?1016892http://securitytracker.com/id?1016893http://securitytracker.com/id?1016894http://securitytracker.com/id?1016895http://securitytracker.com/id?1016896http://securitytracker.com/id?1016897http://securitytracker.com/id?1016898http://securityreason.com/securityalert/1591http://www.vupen.com/english/advisories/2006/3636https://exchange.xforce.ibmcloud.com/vulnerabilities/28960http://www.securityfocus.com/archive/1/446111/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/28588/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook