SecurityTracker.com
Category:   Application (Security)  >   Symantec Anti Virus
Vendors:   Symantec
Symantec Anti Virus Corporate Edition Custom Notification Format String Bug Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1016842
SecurityTracker URL:  http://securitytracker.com/id/1016842
CVE Reference:   CVE-2006-3454, CVE-2006-4802
Updated:  Nov 21 2006
Original Entry Date:  Sep 13 2006
Impact:   Execution of arbitrary code via local system, Root access via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Corporate Edition, prior to 10.1
Description:   A vulnerability was reported in Symantec Anti Virus Corporate Edition. A local user can obtain elevated privileges on the target system.

The customized alert notification function does not properly validate user-supplied input. A local user can supply a specially crafted Tamper Protection and Virus Alert Notification message that contains format string characters. When the notification is triggered, the crafted message causes arbitrary code to be executed on the target system.

Another format string flaw allows a local user to cause the Real Time Virus Scan service to crash when a specially crafted notification message is displayed in response to detection of a malicious file.

Symantec Client Security is also affected.

Symantec credits Deral Heiland of Layered Defense with reporting this vulnerability.
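
The flaw class described above, as an added example (not code from Symantec or from the advisory): a notification renderer that treats the user-supplied message as data and never hands it to a printf-style function as the format string. The `[VIRUS]` and `[FILE]` tokens, the `alert` struct and the function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical alert fields; the advisory does not list the product's real ones. */
struct alert { const char *virus; const char *file; };

/* Unsafe pattern, shown for contrast only: snprintf(out, cap, user_message);
 * the user-editable text becomes the format string and its %-directives run. */

/* Append n bytes of s to out; returns 0 on success, -1 if they do not fit. */
static int put(char *out, size_t cap, size_t *len, const char *s, size_t n)
{
    if (n >= cap - *len) return -1;      /* always keep room for the terminator */
    memcpy(out + *len, s, n);
    *len += n;
    out[*len] = '\0';
    return 0;
}

/* Render a user-supplied template as data. Only the literal tokens [VIRUS] and
 * [FILE] are expanded; '%' is copied through like any other character. */
int render_alert(char *out, size_t cap, const char *tmpl, const struct alert *a)
{
    size_t len = 0;
    if (cap == 0) return -1;
    out[0] = '\0';
    while (*tmpl) {
        if (strncmp(tmpl, "[VIRUS]", 7) == 0) {
            if (put(out, cap, &len, a->virus, strlen(a->virus))) return -1;
            tmpl += 7;
        } else if (strncmp(tmpl, "[FILE]", 6) == 0) {
            if (put(out, cap, &len, a->file, strlen(a->file))) return -1;
            tmpl += 6;
        } else {
            if (put(out, cap, &len, tmpl, 1)) return -1;
            tmpl++;
        }
    }
    return 0;
}

int main(void)
{
    char buf[128];
    struct alert a = { "EICAR-Test", "C:\\tmp\\x.com" };   /* constructed sample */
    if (render_alert(buf, sizeof buf, "Found [VIRUS] in [FILE] %x%s", &a) == 0)
        puts(buf);                       /* directives appear verbatim in the output */
    return 0;
}
```
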

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   The vendor has issued the following fixed versions:

SAV 10 MR2 MP2 (SAV 10.0.2.2020) and later
SAV 9 MR5 MP1 (SAV 9.0.5.1100) and later
SAV 8.1.1 MR9 build 393 and later

The Symantec advisory is available at:

http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
Cause:   Input validation error, State error
Underlying OS:   Windows (Any)

Message History:   None.


 Source Message Contents

Date:  Wed, 13 Sep 2006 15:26:21 -0400
Subject:  Symantec AntiVirus Corporate Edition Elevation of Privilege


http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

CVE-2006-3454
Copyright 2014, SecurityGlobal.net LLC