The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:M/Au:N/C:N/I:N/A:P
Vendors Products
Symantec
  • Norton Internet Security
  • Norton Antivirus
  • Norton Antispam
  • Norton Personal Firewall
  • Client Security
  • Norton System Works

Configuration 1 [-]

OR cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:3.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
References
Link Resource
http://marc.info/?l=full-disclosure&m=117396596027148&w=2
http://osvdb.org/35088
http://securityreason.com/securityalert/2438
http://securitytracker.com/id?1018656
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php Vendor Advisory
http://www.securityfocus.com/archive/1/462926/100/0/threaded
http://www.securityfocus.com/bid/22977
http://www.symantec.com/avcenter/security/Content/2007.09.05.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/33003
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-16T21:00:00

Updated: 2018-10-16T14:57:01

Reserved: 2007-03-16T00:00:00

Link: CVE-2007-1476

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2007-03-16T21:19:00.000

Modified: 2018-10-16T16:38:43.863

Link: CVE-2007-1476

JSON object: View

cve-icon Redhat Information

No data.

CWE