Vulnerability Name:

CVE-2006-4802 (CCN-28937)

Assigned:2006-09-13
Published:2006-09-13
Updated:2018-10-17
Summary:Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
3.4 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2006-4802

Source: CCN
Type: SA21884
Symantec Products Alert Notification Two Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
21884

Source: CCN
Type: SYM06-017
Symantec AntiVirus Corporate Edition Elevation of Privilege

Source: CONFIRM
Type: UNKNOWN
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

Source: CCN
Type: SECTRACK ID: 1016842
Symantec Anti Virus Corporate Edition Custom Notification Format String Bug Lets Local Users Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1016842

Source: BUGTRAQ
Type: UNKNOWN
20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition

Source: BID
Type: UNKNOWN
19986

Source: CCN
Type: BID-19986
Symantec AntiVirus Corporate Edition Multiple Local Format String Vulnerabilities

Source: XF
Type: UNKNOWN
symantecantivirus-alert-dos(28937)

Source: XF
Type: UNKNOWN
symantecantivirus-alert-dos(28937)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.6:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.9:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:9.0:-:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.9:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.6:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:1.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec client security 1.0
    symantec client security 1.0.1
    symantec client security 1.0.1_build_8.01.434 mr3
    symantec client security 1.0.1_build_8.01.437
    symantec client security 1.0.1_build_8.01.446 mr4
    symantec client security 1.0.1_build_8.01.457 mr5
    symantec client security 1.0.1_build_8.01.460 mr6
    symantec client security 1.0.1_build_8.01.464 mr7
    symantec client security 1.0.1_build_8.01.471 mr8
    symantec client security 1.1
    symantec client security 1.1.1
    symantec client security 1.1.1_mr1_build_8.1.1.314a
    symantec client security 1.1.1_mr2_build_8.1.1.319
    symantec client security 1.1.1_mr3_build_8.1.1.323
    symantec client security 1.1.1_mr4_build_8.1.1.329
    symantec client security 1.1.1_mr5_build_8.1.1.336
    symantec client security 1.2
    symantec client security 1.3
    symantec client security 1.4
    symantec client security 1.5
    symantec client security 1.6
    symantec client security 1.7
    symantec client security 1.8
    symantec client security 1.9
    symantec client security 2.0
    symantec client security 2.0.1
    symantec client security 2.0.2
    symantec client security 2.0.3
    symantec client security 2.0.4
    symantec norton antivirus 8.1
    symantec norton antivirus 8.1.1.319
    symantec norton antivirus 8.1.1.323
    symantec norton antivirus 8.1.1.329
    symantec norton antivirus 8.1.1_build8.1.1.314a
    symantec norton antivirus 9.0
    symantec norton antivirus 9.0.1
    symantec norton antivirus 9.0.1.1.1000
    symantec norton antivirus 9.0.1.1000
    symantec norton antivirus 9.0.2
    symantec norton antivirus 9.0.4
    symantec client security 1.0
    symantec client security 2.0.1
    symantec client security 2.0.2
    symantec client security 1.1
    symantec client security 1.0.1
    symantec client security 1.0.1_build_8.01.434 mr3
    symantec client security 1.0.1_build_8.01.437
    symantec client security 1.0.1_build_8.01.446 mr4
    symantec client security 1.0.1_build_8.01.457 mr5
    symantec client security 1.0.1_build_8.01.460 mr6
    symantec client security 1.0.1_build_8.01.464 mr7
    symantec client security 1.0.1_build_8.01.471 mr8
    symantec client security 1.1.1
    symantec client security 2.0.3
    symantec client security 2.0.4
    symantec antivirus 9.0 -
    symantec client security 2.0
    symantec client security 1.9
    symantec client security 1.8
    symantec client security 1.7
    symantec client security 1.6
    symantec client security 1.5
    symantec client security 1.4
    symantec client security 1.3
    symantec client security 1.2