Vulnerability Name: CVE-2006-4855 (CCN-28960) Assigned: 2006-09-15 Published: 2006-09-15 Updated: 2018-10-17 Summary: The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. CVSS v3 Severity: 5.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): RequiredScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C 3.9 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C 3.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
Vulnerability Type: CWE-399 Vulnerability Consequences: Denial of Service References: Source: CCNSymantec Norton Insufficient validation of 'SymEvent' driver input buffer CVE-2006-4855 Symantec Multiple Products Denial of Service 21938 1591 http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html Norton Anti-Virus SymEvent Driver Lets Local Users Deny Service 1016889 Norton Personal Firewall SymEvent Driver Lets Local Users Deny Service 1016892 Norton Internet Security SymEvent Driver Lets Local Users Deny Service 1016893 Norton System Works SymEvent Driver Lets Local Users Deny Service 1016894 Symantec Client Security SymEvent Driver Lets Local Users Deny Service 1016895 pcAnywhere SymEvent Driver Lets Local Users Deny Service 1016896 Symantec Anti Virus SymEvent Driver Lets Local Users Deny Service 1016897 Symantec Host IDS SymEvent Driver Lets Local Users Deny Service 1016898 http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php Symantec Norton Personal Firewall \Device\SymEvent Memory Corruption DoS Symantec Norton Personal Firewall SymTDI Driver Local DoS 20060915 Symantec Norton Insufficient validation of 'SymEvent' driver input buffer 20051 Symantec Multiple Products SymEvent Driver Local Denial of Service Vulnerability SymEvent Driver Local Access System Denial of Service Overview- Symantec Corp. ADV-2006-3636 symantec-firewall-symevent-dos(28960) symantec-firewall-symevent-dos(28960) Vulnerable Configuration: Configuration 1 :cpe:/a:symantec:client_security:1.0:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:3.0:*:*:*:*:*:*:* OR cpe:/a:symantec:client_security:3.1:*:*:*:*:*:*:* OR cpe:/a:symantec:host_ids:*:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2003:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2005:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2006:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_antivirus:2007:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2003:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2004:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2005:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:* OR cpe:/a:symantec:norton_internet_security:2007:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2004:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2005:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:* OR cpe:/a:symantec:norton_system_works:2006:*:*:*:*:*:*:* OR cpe:/a:symantec:pcanywhere:11.5:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:* BACK
symantec client security 1.0
symantec client security 1.0.0_b8.01.9378
symantec client security 1.0.1
symantec client security 1.0.1_build_8.01.425a mr1
symantec client security 1.0.1_build_8.01.429c mr2
symantec client security 1.0.1_build_8.01.434 mr3
symantec client security 1.0.1_build_8.01.437
symantec client security 1.0.1_build_8.01.446 mr4
symantec client security 1.0.1_build_8.01.457 mr5
symantec client security 1.0.1_build_8.01.460 mr6
symantec client security 1.0.1_build_8.01.464 mr7
symantec client security 1.0.1_build_8.01.471 mr8
symantec client security 1.0.1_build_8.01.501 mr9
symantec client security 1.0_build_8.01.9374
symantec client security 1.1
symantec client security 1.1.1
symantec client security 1.1.1_build_393
symantec client security 1.1.1_mr1_build_8.1.1.314a
symantec client security 1.1.1_mr2_build_8.1.1.319
symantec client security 1.1.1_mr3_build_8.1.1.323
symantec client security 1.1.1_mr4_build_8.1.1.329
symantec client security 1.1.1_mr5_build_8.1.1.336
symantec client security 1.1.1_mr6_b8.1.1.266
symantec client security 1.1_stm_b8.1.0.825a
symantec client security 2.0
symantec client security 2.0.1_build_9.0.1.1000 mr1
symantec client security 2.0.2_build_9.0.2.1000 mr2
symantec client security 2.0.3_build_9.0.3.1000 mr3
symantec client security 2.0.5_build_1100
symantec client security 2.0_scf_7.1
symantec client security 2.0_stm_build_9.0.0.338
symantec client security 3.0
symantec client security 3.1
symantec host ids *
symantec norton antivirus 2.1
symantec norton antivirus 8.0
symantec norton antivirus 8.0.1
symantec norton antivirus 8.0.1.425a
symantec norton antivirus 8.0.1.425c
symantec norton antivirus 8.0.1.501
symantec norton antivirus 8.0.1.9374
symantec norton antivirus 8.0.1.9378
symantec norton antivirus 8.1
symantec norton antivirus 8.1.0.825a
symantec norton antivirus 8.1.1
symantec norton antivirus 8.1.1.319
symantec norton antivirus 8.1.1.323
symantec norton antivirus 8.1.1.329
symantec norton antivirus 8.1.1.366
symantec norton antivirus 8.1.1.377
symantec norton antivirus 8.1.1_build8.1.1.314a
symantec norton antivirus 8.1.1_build393
symantec norton antivirus 8.01.434
symantec norton antivirus 8.01.437
symantec norton antivirus 8.01.446
symantec norton antivirus 8.01.457
symantec norton antivirus 8.01.460
symantec norton antivirus 8.01.464
symantec norton antivirus 8.01.471
symantec norton antivirus 9.0
symantec norton antivirus 9.0.0.338
symantec norton antivirus 9.0.1.1.1000
symantec norton antivirus 9.0.2.1000
symantec norton antivirus 9.0.3.1000
symantec norton antivirus 9.0.4
symantec norton antivirus 9.0.5
symantec norton antivirus 9.0.5.1100
symantec norton antivirus 10.0
symantec norton antivirus 10.0.2.2000
symantec norton antivirus 10.0.2.2001
symantec norton antivirus 10.0.2.2002
symantec norton antivirus 10.0.2.2010
symantec norton antivirus 10.0.2.2011
symantec norton antivirus 10.0.2.2020
symantec norton antivirus 10.0.2.2021
symantec norton antivirus 10.1
symantec norton antivirus 2003
symantec norton antivirus 2003
symantec norton antivirus 2004
symantec norton antivirus 2005
symantec norton antivirus 2006
symantec norton antivirus 2007
symantec norton internet security 2003
symantec norton internet security 2003
symantec norton internet security 2004
symantec norton internet security 2004
symantec norton internet security 2005
symantec norton internet security 2005
symantec norton internet security 2006
symantec norton internet security 2007
symantec norton personal firewall 2003
symantec norton personal firewall 2004
symantec norton personal firewall 2005
symantec norton personal firewall 2006
symantec norton system works 2003_professional_edition
symantec norton system works 2004
symantec norton system works 2004_professional_edition
symantec norton system works 2005
symantec norton system works 2005_premier
symantec norton system works 2006
symantec pcanywhere 11.5
symantec norton personal firewall 2006_9.1.0.33
Denotes that component is vulnerable