Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Security)  >   Symantec Mail Security Vendors:   Symantec
Symantec Mail Security NAVEX15/NAVENG Device Drivers Let Local Users Gain Kernel Level Privileges
SecurityTracker Alert ID:  1017001
SecurityTracker URL:
CVE Reference:   CVE-2006-4927   (Links to External Site)
Date:  Oct 5 2006
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Symantec Mail Security in the NAVEX15.SYS and NAVENG.SYS device drivers. A local user can obtain kernel level privileges on the target system.

A local user can send a specially crafted I/O request packet to the IOCTL handler function to cause memory to be overwritten and arbitrary code to be executed on the target system. The code will run with kernel-level privileges.

NAVEX15.SYS and NAVENG.SYS versions prior to 20061.3.0.12 are affected.

Symantec Mail Security for Domino, Symantec Mail Security for Exchange, and Symantec Mail Security for SMTP are affected.

The vendor was notified on September 19, 2006.

Ruben Santamarta and iDefense reported this vulnerability.

Impact:   A local user can obtain kernel-level privileges on the target system.
Solution:   The vendor has issued a fix as part of the anti-virus definitions dated October 4, 2006 revision 9 (or later). The vendor has issued fixed versions of the NAVEX15.SYS and NAVENG.SYS drivers (20061.3.0.12 and later) as part of the update.

The Symantec advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Input validation error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC