Improper input validation in Symantec Antivirus
CVE-2007-1793
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.017 (74.5th percentile) — read the EPSS interpretation.
Affected products
- Symantec Antivirus — versions 10.0, 10.0.1, 10.0.1.1
- Symantec Client_security — versions 3.0, 3.0.0.359, 3.0.1.1000
- Symantec Norton_360 — versions 1.0
- Symantec Norton_antispam — versions 2004, 2005
- Symantec Norton_antivirus — versions 2004, 2005, 2006
- Symantec Norton_internet_security — versions 2004, 2005, 2006
- Symantec Norton_personal_firewall — versions 2004, 2005, 2006
- Symantec Norton_system_works — versions 2004, 2005, 2006
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- cve@mitre.org (x_refsource_MISC, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (Patch, vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_CONFIRM)