Norton System Works Input Validation Flaw in SPBBCDRV.SYS Device Driver Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1021387 |
|
SecurityTracker URL: http://securitytracker.com/id/1021387
|
|
CVE Reference:
CVE-2007-1793
(Links to External Site)
|
Date: Dec 12 2008
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2004, 2005, 2006
|
Description:
A vulnerability was reported in Norton System Works. A local user can cause denial of service conditions.
A local user can send specially crafted parameter values to the NtCreateMutant and NtOpenEvent functions of the 'SPBBCDRV.SYS' device driver to cause the target system to crash.
Matousec-Transparent reported this vulnerability.
[Editor's note: This vulnerability was originally reported in April 2007 as affecting Norton Personal Firewall and Norton Internet Security. See Alert ID 1017837 and 1017838.]
|
Impact:
A local user can cause the target system to crash.
|
Solution:
The vendor has issued a fix, available via LiveUpdate.
The vendor's advisory is available at:
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
|
Vendor URL: securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 11 Dec 2008 18:58:56 -0500
Subject: Norton 360, Norton AntiSpam, Norton AntiVirus, Norton Internet Security, Norton Personal Firewall, Norton System Works, Symantec AntiVirus, Symantec Client Security
|
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
CVE-2007-1793
Norton 360
Norton AntiSpam 2004, 2005
Norton AntiVirus 2004 through 2008
Norton Internet Security 2004 through 2008
Norton Personal Firewall 2004, 2005, 2006
Norton System Works 2004, 2005, 2006
Symantec AntiVirus Corporate Edition 10.0.x, 10.1.x
Symantec Client Security
|
|
