Vulnerability Details : CVE-2006-4855
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2006-4855
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-4855
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
CWE ids for CVE-2006-4855
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-4855
-
http://www.securityfocus.com/archive/1/446111/100/0/threaded
-
http://securitytracker.com/id?1016896
-
http://securityreason.com/securityalert/1591
-
http://securitytracker.com/id?1016897
-
http://securitytracker.com/id?1016895
-
http://securitytracker.com/id?1016898
-
http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php
Vendor Advisory
-
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html
-
http://www.vupen.com/english/advisories/2006/3636
Vendor Advisory
-
http://securitytracker.com/id?1016889
-
http://securitytracker.com/id?1016892
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/28960
-
http://securitytracker.com/id?1016893
-
http://www.securityfocus.com/bid/20051
Exploit
-
http://securitytracker.com/id?1016894
Products affected by CVE-2006-4855
- cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*