CVE-2006-4855 Information

Description

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33 and other versions of Norton Personal Firewall Internet Security AntiVirus SystemWorks Symantec Client Security SCS 1.x 2.x 3.0 and 3.1 Symantec AntiVirus Corporate Edition SAVCE 8.x 9.x 10.0 and 10.1 Symantec pcAnywhere 11.5 only and Symantec Host allows local users to cause a denial of service (system crash) via invalid data as demonstrated by calling DeviceIoControl to send the data.

Reference

http://secunia.com/advisories/21938 http://securityreason.com/securityalert/1591 http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html http://securitytracker.com/id?1016889 http://securitytracker.com/id?1016892 http://securitytracker.com/id?1016893 http://securitytracker.com/id?1016894 http://securitytracker.com/id?1016895 http://securitytracker.com/id?1016896 http://securitytracker.com/id?1016897 http://securitytracker.com/id?1016898 http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php http://www.securityfocus.com/archive/1/446111/100/0/threaded http://www.securityfocus.com/bid/20051 http://www.vupen.com/english/advisories/2006/3636 https://exchange.xforce.ibmcloud.com/vulnerabilities/28960