Vulnerability Name:

CVE-2007-1476 (CCN-33003)

Assigned:2007-03-15
Published:2007-03-15
Updated:2018-10-16
Summary:The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.
CVSS v3 Severity:6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P)
1.4 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
3.9 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Full-Disclosure Mailing List, Thu Mar 15 2007 - 07:06:43 CDT
Norton Insufficient validation of 'SymTDI' driver input buffer

Source: MITRE
Type: CNA
CVE-2007-1476

Source: FULLDISC
Type: UNKNOWN
20070315 Norton Insufficient validation of 'SymTDI' driver

Source: OSVDB
Type: UNKNOWN
35088

Source: SREASON
Type: UNKNOWN
2438

Source: CCN
Type: SECTRACK ID: 1018656
Symantec Anti Virus SYMTDI.SYS IOCTL Validation Flaw Lets Local Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1018656

Source: MISC
Type: Vendor Advisory
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php

Source: CCN
Type: OSVDB ID: 35088
Symantec Norton Personal Firewall SymTDI Driver Local DoS

Source: BUGTRAQ
Type: UNKNOWN
20070315 Norton Insufficient validation of 'SymTDI' driver input buffer

Source: BID
Type: UNKNOWN
22977

Source: CCN
Type: BID-22977
Symantec SYMTDI.SYS Device Driver Local Denial of Service Vulnerability

Source: CCN
Type: SYM07-024
Symantec SYMTDI.SYS Device Driver Local Denial of Service

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/avcenter/security/Content/2007.09.05.html

Source: CCN
Type: Symantec Norton Firewall Web site
Norton Personal Firewall: Overview - Symantec Corp.

Source: XF
Type: UNKNOWN
symantec-firewall-symtdi-dos(33003)

Source: XF
Type: UNKNOWN
symantec-firewall-symtdi-dos(33003)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:client_security:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:build_9.0.0.338:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antispam:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:3.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:9.0.6.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.1.1008:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.4:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.4.4010:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.394:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:* (Version <= 2006_9.1.1.7)
  • OR cpe:/a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_system_works:2006:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:-:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:norton_antivirus:10.0.1.1000::corporate:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec client security 2.0
    symantec client security 2.0
    symantec client security 2.0 build_9.0.0.338
    symantec client security 2.0 build_9.0.0.338
    symantec client security 2.0.1
    symantec client security 2.0.1_build_9.0.1.1000 mr1
    symantec client security 2.0.2
    symantec client security 2.0.2_build_9.0.2.1000 mr2
    symantec client security 2.0.3
    symantec client security 2.0.3_build_9.0.3.1000 mr3
    symantec client security 2.0.4
    symantec client security 2.0.4 mr4_build1000
    symantec client security 2.0.5
    symantec client security 2.0.5_build_1100
    symantec client security 2.0.5_build_1100_mp1 mr5
    symantec client security 2.0.6
    symantec client security 2.0.6 mr6
    symantec client security 2.0_scf_7.1
    symantec client security 2.0_stm_build_9.0.0.338
    symantec client security 2.1
    symantec client security 3.0
    symantec client security 3.0.0.359
    symantec client security 3.0.1.1000
    symantec client security 3.0.1.1001
    symantec client security 3.0.1.1007
    symantec client security 3.0.1.1008
    symantec client security 3.0.1.1009
    symantec client security 3.0.2
    symantec client security 3.0.2.2000
    symantec client security 3.0.2.2001
    symantec client security 3.0.2.2002
    symantec client security 3.0.2.2010
    symantec client security 3.0.2.2011
    symantec client security 3.0.2.2020
    symantec client security 3.0.2.2021
    symantec client security 3.1
    symantec client security 3.1.0.396
    symantec client security 3.1.0.401
    symantec client security 3.1.394
    symantec client security 3.1.396
    symantec client security 3.1.400
    symantec client security 3.1.401
    symantec norton antispam 2005
    symantec norton antivirus 3.0
    symantec norton antivirus 9.0
    symantec norton antivirus 9.0.0.338
    symantec norton antivirus 9.0.1
    symantec norton antivirus 9.0.1.1.1000
    symantec norton antivirus 9.0.1.1000
    symantec norton antivirus 9.0.2
    symantec norton antivirus 9.0.2.1000
    symantec norton antivirus 9.0.3.1000
    symantec norton antivirus 9.0.4
    symantec norton antivirus 9.0.5
    symantec norton antivirus 9.0.5.1100
    symantec norton antivirus 9.0.6.1000
    symantec norton antivirus 10.0
    symantec norton antivirus 10.0.1.1000
    symantec norton antivirus 10.0.1.1007
    symantec norton antivirus 10.0.1.1008
    symantec norton antivirus 10.0.2.2000
    symantec norton antivirus 10.0.2.2001
    symantec norton antivirus 10.0.2.2002
    symantec norton antivirus 10.0.2.2010
    symantec norton antivirus 10.0.2.2011
    symantec norton antivirus 10.0.2.2020
    symantec norton antivirus 10.0.2.2021
    symantec norton antivirus 10.1
    symantec norton antivirus 10.1.4
    symantec norton antivirus 10.1.4.4010
    symantec norton antivirus 10.1.394
    symantec norton antivirus 10.1.396
    symantec norton antivirus 10.1.400
    symantec norton antivirus 10.1.401
    symantec norton antivirus 2005
    symantec norton antivirus 2006
    symantec norton internet security 2005
    symantec norton internet security 2006
    symantec norton personal firewall 2005
    symantec norton personal firewall 2006
    symantec norton personal firewall 2006_9.1.0.33
    symantec norton personal firewall *
    symantec norton system works 2005
    symantec norton system works 2006
    symantec norton internet security 2005
    symantec norton personal firewall 2006_9.1.0.33
    symantec client security -
    symantec norton internet security 2006
    symantec antivirus 10.0.1.1
    symantec norton personal firewall 2006_9.1.1.7
    symantec norton antivirus 10.0.1.1000