CVE-2006-4927 Information

Feb 14, 2021 cve

Description

The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later as used in Symantec AntiVirus and security products allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3 (2) 0x222AD7 and (3) 0x222ADB.

Reference

http://secunia.com/advisories/22288 http://securityreason.com/securityalert/1690 http://securitytracker.com/id?1016994 http://securitytracker.com/id?1016995 http://securitytracker.com/id?1016996 http://securitytracker.com/id?1016997 http://securitytracker.com/id?1016998 http://securitytracker.com/id?1016999 http://securitytracker.com/id?1017000 http://securitytracker.com/id?1017001 http://securitytracker.com/id?1017002 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417 http://www.kb.cert.org/vuls/id/946820 http://www.securityfocus.com/archive/1/447849/100/0/threaded http://www.securityfocus.com/bid/20360 http://www.symantec.com/avcenter/security/Content/2006.10.05a.html http://www.vupen.com/english/advisories/2006/3928 https://exchange.xforce.ibmcloud.com/vulnerabilities/29360

Share on: