Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-1476

CWE-20 — Improper Input Validation4 documents4 sources

Severity

1.9LOW

EPSS

0.3%

top 47.93%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Norton Personal Firewall Symantec Client Security Symantec Norton Antispam +3 more

Timeline

PublishedMar 16

Latest updateMay 1

Description

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.

CVSS vector

AV:L/AC:M/C:N/I:N/A:PExploitability: 3.4 | Impact: 2.9

Affected Packages6 packages

▶NVDsymantec/norton_personal_firewall2006_9.1.1.7+3

▶NVDsymantec/norton_internet_security2005, 2006+1

▶NVDsymantec/norton_antivirus33 versions+32

▶NVDsymantec/norton_system_works2005, 2006+1

▶NVDsymantec/norton_antispam2005

🔴Vulnerability Details

GHSA

GHSA-qgr6-v6hp-mh5r: The SymTDI device driver (SYMTDI↗2022-05-01

▶

CVEList

CVE-2007-1476: The SymTDI device driver (SYMTDI↗2007-03-16

▶

💥Exploits & PoCs

Exploit-DB

Symantec 'SYMTDI.SYS' Device Driver - Local Denial of Service↗2007-03-15

▶