Symantec symtdi.sys prior to 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 up to and including 10.1 and Client Security 2.0 up to and including 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
symantec client security 2.0 |
||
symantec norton antivirus 9.0.0.338 |
||
symantec norton antivirus 9.0.1.1.1000 |
||
symantec norton antispam 2005 |
||
symantec norton antivirus 10.0 |
||
symantec norton antivirus 9.0.2.1000 |
||
symantec norton antivirus 9.0.2 |
||
symantec norton internet security 2006 |
||
symantec norton personal firewall 2005 |
||
symantec norton antivirus 9.0.5.1100 |
||
symantec norton antivirus 9.0.5 |
||
symantec norton system works 2006 |
||
symantec client security 3.0 |
||
symantec client security 3.1 |
||
symantec norton antivirus 9.0.1.1000 |
||
symantec norton antivirus 9.0.1 |
||
symantec norton antivirus 9.0 |
||
symantec norton internet security 2005 |
||
symantec norton antivirus 10.1 |
||
symantec norton antivirus 2005 |
||
symantec norton antivirus 2006 |
||
symantec norton antivirus 9.0.3.1000 |
||
symantec norton antivirus 9.0.4 |
||
symantec norton personal firewall 2006 |
||
symantec norton system works 2005 |
Vulmon