CVE-2007-1476

Description

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.

Affected products

• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0.1 – 2.0.1
• Symantec / client_security2.0.1_build_9.0.1.1000 – 2.0.1_build_9.0.1.1000
• Symantec / client_security2.0.2 – 2.0.2
• Symantec / client_security2.0.2_build_9.0.2.1000 – 2.0.2_build_9.0.2.1000
• Symantec / client_security2.0.3 – 2.0.3
• Symantec / client_security2.0.3_build_9.0.3.1000 – 2.0.3_build_9.0.3.1000
• Symantec / client_security2.0.4 – 2.0.4
• Symantec / client_security2.0.4 – 2.0.4
• Symantec / client_security2.0.5 – 2.0.5
• Symantec / client_security2.0.5_build_1100 – 2.0.5_build_1100
• Symantec / client_security2.0.5_build_1100_mp1 – 2.0.5_build_1100_mp1
• Symantec / client_security2.0.6 – 2.0.6
• Symantec / client_security2.0.6 – 2.0.6
• Symantec / client_security2.0_scf_7.1 – 2.0_scf_7.1
• Symantec / client_security2.0_stm_build_9.0.0.338 – 2.0_stm_build_9.0.0.338
• Symantec / client_security2.1 – 2.1
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0.0.359 – 3.0.0.359
• Symantec / client_security3.0.1.1000 – 3.0.1.1000
• Symantec / client_security3.0.1.1001 – 3.0.1.1001
• Symantec / client_security3.0.1.1007 – 3.0.1.1007
• Symantec / client_security3.0.1.1008 – 3.0.1.1008
• Symantec / client_security3.0.1.1009 – 3.0.1.1009
• Symantec / client_security3.0.2 – 3.0.2
• Symantec / client_security3.0.2.2000 – 3.0.2.2000
• Symantec / client_security3.0.2.2001 – 3.0.2.2001
• Symantec / client_security3.0.2.2002 – 3.0.2.2002
• Symantec / client_security3.0.2.2010 – 3.0.2.2010
• Symantec / client_security3.0.2.2011 – 3.0.2.2011
• Symantec / client_security3.0.2.2020 – 3.0.2.2020
• Symantec / client_security3.0.2.2021 – 3.0.2.2021
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1.0.396 – 3.1.0.396
• Symantec / client_security3.1.0.401 – 3.1.0.401
• Symantec / client_security3.1.394 – 3.1.394
• Symantec / client_security3.1.396 – 3.1.396
• Symantec / client_security3.1.400 – 3.1.400
• Symantec / client_security3.1.401 – 3.1.401
• Symantec / norton_antispam2005 – 2005
• Symantec / norton_antivirus3.0 – 3.0
• Symantec / norton_antivirus9.0 – 9.0
• Symantec / norton_antivirus9.0.0.338 – 9.0.0.338
• Symantec / norton_antivirus9.0.1 – 9.0.1
• Symantec / norton_antivirus9.0.1.1.1000 – 9.0.1.1.1000
• Symantec / norton_antivirus9.0.1.1000 – 9.0.1.1000
• Symantec / norton_antivirus9.0.2 – 9.0.2
• Symantec / norton_antivirus9.0.2.1000 – 9.0.2.1000
• Symantec / norton_antivirus9.0.3.1000 – 9.0.3.1000
• Symantec / norton_antivirus9.0.4 – 9.0.4
• Symantec / norton_antivirus9.0.5 – 9.0.5
• Symantec / norton_antivirus9.0.5.1100 – 9.0.5.1100
• Symantec / norton_antivirus9.0.6.1000 – 9.0.6.1000
• Symantec / norton_antivirus10.0 – 10.0
• Symantec / norton_antivirus10.0.1.1000 – 10.0.1.1000
• Symantec / norton_antivirus10.0.1.1007 – 10.0.1.1007
• Symantec / norton_antivirus10.0.1.1008 – 10.0.1.1008
• Symantec / norton_antivirus10.0.2.2000 – 10.0.2.2000
• Symantec / norton_antivirus10.0.2.2001 – 10.0.2.2001
• Symantec / norton_antivirus10.0.2.2002 – 10.0.2.2002
• Symantec / norton_antivirus10.0.2.2010 – 10.0.2.2010
• Symantec / norton_antivirus10.0.2.2011 – 10.0.2.2011
• Symantec / norton_antivirus10.0.2.2020 – 10.0.2.2020
• Symantec / norton_antivirus10.0.2.2021 – 10.0.2.2021
• Symantec / norton_antivirus10.1 – 10.1
• Symantec / norton_antivirus10.1.4 – 10.1.4
• Symantec / norton_antivirus10.1.4.4010 – 10.1.4.4010
• Symantec / norton_antivirus10.1.394 – 10.1.394
• Symantec / norton_antivirus10.1.396 – 10.1.396
• Symantec / norton_antivirus10.1.400 – 10.1.400
• Symantec / norton_antivirus10.1.401 – 10.1.401
• Symantec / norton_antivirus2005 – 2005
• Symantec / norton_antivirus2006 – 2006
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2006 – 2006
• Symantec / norton_personal_firewall2006_9.1.1.7
• Symantec / norton_personal_firewall2005 – 2005
• Symantec / norton_personal_firewall2006 – 2006
• Symantec / norton_personal_firewall2006_9.1.0.33 – 2006_9.1.0.33
• Symantec / norton_system_works2005 – 2005
• Symantec / norton_system_works2006 – 2006

References

• MISChttp://www.symantec.com/avcenter/security/Content/2007.09.05.html
• MISChttp://www.securityfocus.com/archive/1/462926/100/0/threaded
• MAILING_LISThttp://marc.info/?l=full-disclosure&m=117396596027148&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/33003
• MISChttp://www.securityfocus.com/bid/22977
• MISChttp://osvdb.org/35088
• MISChttp://securityreason.com/securityalert/2438
• MISChttp://securitytracker.com/id?1018656
• VENDOR_ADVISORYhttp://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php