Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-1793Improper Input Validation in Antivirus

CWE-20Improper Input Validation4 documents4 sources
Severity
4.9MEDIUMNVD
EPSS
0.3%
top 48.56%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
8
Symantec AntivirusSymantec Client SecuritySymantec Norton 360+5 more
Timeline
PublishedApr 2
Latest updateMay 1

Description

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages8 packages

NVDsymantec/norton_antispam2004, 2005+1
NVDsymantec/norton_antivirus5 versions+4

Patches

Patch: www.securitytracker.comPatch: www.securitytracker.comPatch: www.securitytracker.com

🔴Vulnerability Details

2
GHSA
GHSA-6jrx-j7r6-m2m9: SPBBCDrv2022-05-01
CVEList
CVE-2007-1793: SPBBCDrv2007-04-02

💥Exploits & PoCs

1
Exploit-DB
Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service2007-04-01
CVE-2007-1793 — Improper Input Validation in Symantec | cvebase