Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker

Category:   Application (Security)  >   Symantec Anti Virus Vendors:   Symantec
Symantec Anti Virus Corporate Edition Custom Notification Format String Bug Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1016842
SecurityTracker URL:
CVE Reference:   CVE-2006-3454, CVE-2006-4802   (Links to External Site)
Updated:  Nov 21 2006
Original Entry Date:  Sep 13 2006
Impact:   Execution of arbitrary code via local system, Root access via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Corporate Edition, prior to 10.1
Description:   A vulnerability was reported in Symantec Anti Virus Corporate Edition. A local user can obtain elevated privileges on the target system.

The customized alert notification function does not properly validate user-supplied input. A local user can supply a specially crafted Tamper Protection and Virus Alert Notification message that contains format string characters. When triggered, the message will execute arbitrary code on the target system.

Another format string flaw allows a local user to cause the Real Time Virus Scan service to crash when a specially crafted notification message is displayed in response to detection of a malicious file.

Symantec Client Security is also affected.

Symantec credits Deral Heiland of Layered Defense with reporting this vulnerability.

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   The vendor has issued the following fixed versions:

SAV 10 MR2 MP2 (SAV and later
SAV 9 MR5 MP1 (SAV )and later
SAV 8.1.1 MR9 build 393 and later

The Symantec advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:   Windows (Any)

Message History:   None.

 Source Message Contents

Date:  Wed, 13 Sep 2006 15:26:21 -0400
Subject:  Symantec AntiVirus Corporate Edition Elevation of Privilege


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

Copyright 2015, LLC