CVE - CVE-2007-1793

CVE-ID
CVE-2007-1793	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:23241 URL:http://www.securityfocus.com/bid/23241 BUGTRAQ:20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability URL:http://www.securityfocus.com/archive/1/464456/100/0/threaded BUGTRAQ:20070918 Plague in (security) software drivers & BSDOhook utility URL:http://www.securityfocus.com/archive/1/479830/100/0/threaded CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html MISC:http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php MISC:http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php MISC:http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php OSVDB:34692 URL:~~http://osvdb.org/34692~~ (Obsolete source) SECTRACK:1017837 URL:http://www.securitytracker.com/id?1017837 SECTRACK:1017838 URL:http://www.securitytracker.com/id?1017838 SECTRACK:1021386 URL:http://www.securitytracker.com/id?1021386 SECTRACK:1021387 URL:http://www.securitytracker.com/id?1021387 SECTRACK:1021388 URL:http://www.securitytracker.com/id?1021388 SECTRACK:1021389 URL:http://www.securitytracker.com/id?1021389 SECUNIA:24677 URL:http://secunia.com/advisories/24677 VUPEN:ADV-2007-1192 URL:~~http://www.vupen.com/english/advisories/2007/1192~~ (Obsolete source) XF:symantec-firewall-ssdt-dos(33352) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/33352
Assigning CNA
MITRE Corporation
Date Record Created
20070402	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070402)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)