CVE-2006-4927
published 2006-10-10CVE-2006-4927: The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow…
PriorityP424medium4.6CVSS 2.0
AVLACLAuNCPIPAP
EXPLOIT
EPSS
1.66%
73.7th percentile
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)
exploitdb·2006-08-26
CVE-2006-4927 Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)
Symantec AntiVirus - IOCTL Kernel Privilege Escalation (1)
---
/*
source: https://www.securityfocus.com/bid/20360/info
Symantec AntiVirus is prone to a privilege-escalation vulnerability.
Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system compromise.
This issue affects only Symantec and Norton antivirus products running on Microsoft Windows NT, Windows 2000, and Windows XP.
*/
////////////////////////////////////
///// Norton Internet Security
////////////////////////////////////
//// For educational purposes ONLY
////
//// Kernel Privilege Escalation #1
//// Exploit
//// Rub�n Santamarta
//// www.reversemode.com
//// 26/08/2006
////
////////////////////////////////////
Exploit-DB
Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)
exploitdb·2006-08-26
CVE-2006-4927 Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)
Symantec AntiVirus - IOCTL Kernel Privilege Escalation (2)
---
// source: https://www.securityfocus.com/bid/20360/info
// Symantec AntiVirus is prone to a privilege-escalation vulnerability.
// Local attackers can exploit this issue to corrupt memory and execute arbitrary code with kernel-level privileges. Successful exploits may facilitate a complete system compromise.
// This issue affects only Symantec and Norton antivirus products running on Microsoft Windows NT, Windows 2000, and Windows XP.
/////////////////////////////////////////////
///// Norton Internet Security /////
/////////////////////////////////////////////
//// For educational purposes ONLY
/////////////////////////////////////////////
//// Ring0 xploit
//// Rub�n Santamarta
//// www.reversemode.com
//// 26/08/2006
/
No writeups or analysis indexed.
http://secunia.com/advisories/22288http://securityreason.com/securityalert/1690http://securitytracker.com/id?1016994http://securitytracker.com/id?1016995http://securitytracker.com/id?1016996http://securitytracker.com/id?1016997http://securitytracker.com/id?1016998http://securitytracker.com/id?1016999http://securitytracker.com/id?1017000http://securitytracker.com/id?1017001http://securitytracker.com/id?1017002http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417http://www.kb.cert.org/vuls/id/946820http://www.securityfocus.com/archive/1/447849/100/0/threadedhttp://www.securityfocus.com/bid/20360http://www.symantec.com/avcenter/security/Content/2006.10.05a.htmlhttp://www.vupen.com/english/advisories/2006/3928https://exchange.xforce.ibmcloud.com/vulnerabilities/29360http://secunia.com/advisories/22288http://securityreason.com/securityalert/1690http://securitytracker.com/id?1016994http://securitytracker.com/id?1016995http://securitytracker.com/id?1016996http://securitytracker.com/id?1016997http://securitytracker.com/id?1016998http://securitytracker.com/id?1016999http://securitytracker.com/id?1017000http://securitytracker.com/id?1017001http://securitytracker.com/id?1017002http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417http://www.kb.cert.org/vuls/id/946820http://www.securityfocus.com/archive/1/447849/100/0/threadedhttp://www.securityfocus.com/bid/20360http://www.symantec.com/avcenter/security/Content/2006.10.05a.htmlhttp://www.vupen.com/english/advisories/2006/3928https://exchange.xforce.ibmcloud.com/vulnerabilities/29360
2006-10-10
Published