CVE-2006-0166 — Norton System Works vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

1.1%

top 21.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton System Works

Timeline

PublishedJan 11

Latest updateMay 1

Description

Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsymantec/norton_system_works4 versions+3

Patches

Patch: secunia.com ↗Patch: securityresponse.symantec.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-wxmf-fmxq-57qq: Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect direct↗2022-05-01

▶

CVEList

CVE-2006-0166: Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect direct↗2006-01-11

▶

💥Exploits & PoCs

Exploit-DB

magiciso 5.0 build 0166 - Directory Traversal↗2006-04-28

▶