SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C
Vendors Products
Symantec
  • Norton Internet Security
  • Norton Antivirus
  • Norton Antispam
  • Antivirus
  • Client Security
  • Norton Personal Firewall
  • Norton System Works
  • Norton 360

Configuration 1 [-]

OR cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
References
Link Resource
http://osvdb.org/34692
http://secunia.com/advisories/24677 Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php Vendor Advisory
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
http://www.securityfocus.com/archive/1/464456/100/0/threaded
http://www.securityfocus.com/archive/1/479830/100/0/threaded
http://www.securityfocus.com/bid/23241 Exploit
http://www.securitytracker.com/id?1017837 Patch
http://www.securitytracker.com/id?1017838 Patch
http://www.securitytracker.com/id?1021386
http://www.securitytracker.com/id?1021387
http://www.securitytracker.com/id?1021388
http://www.securitytracker.com/id?1021389
http://www.vupen.com/english/advisories/2007/1192 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-02T22:00:00

Updated: 2018-10-16T14:57:01

Reserved: 2007-04-02T00:00:00

Link: CVE-2007-1793

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2007-04-02T22:19:00.000

Modified: 2018-10-16T16:40:48.333

Link: CVE-2007-1793

JSON object: View

cve-icon Redhat Information

No data.

CWE