Vulnerability Details : CVE-2006-4855
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2006-4855
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-4855
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2006-4855
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-4855
-
http://www.securityfocus.com/archive/1/446111/100/0/threaded
-
http://securitytracker.com/id?1016896
-
http://securityreason.com/securityalert/1591
-
http://securitytracker.com/id?1016897
-
http://securitytracker.com/id?1016895
-
http://securitytracker.com/id?1016898
-
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php
Vendor Advisory
-
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html
-
http://www.vupen.com/english/advisories/2006/3636
Vendor Advisory
-
http://securitytracker.com/id?1016889
-
http://securitytracker.com/id?1016892
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/28960
-
http://securitytracker.com/id?1016893
-
http://www.securityfocus.com/bid/20051
Exploit
-
http://securitytracker.com/id?1016894
Products affected by CVE-2006-4855
- cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*