SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-04-02T22:00:00
Updated: 2018-10-16T14:57:01
Reserved: 2007-04-02T00:00:00
Link: CVE-2007-1793
JSON object: View
NVD Information
Status : Modified
Published: 2007-04-02T22:19:00.000
Modified: 2018-10-16T16:40:48.333
Link: CVE-2007-1793
JSON object: View
Redhat Information
No data.
CWE