Vulnerabilities > CVE-2003-1310 - Unspecified vulnerability in Symantec Norton Antivirus 2002/2003
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN symantec
exploit available
Summary
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Symantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite Vulnerability. CVE-2003-1310. Local exploit for windows platform |
| id | EDB-ID:22980 |
| last seen | 2016-02-02 |
| modified | 2003-08-02 |
| published | 2003-08-02 |
| reporter | Lord Yup |
| source | https://www.exploit-db.com/download/22980/ |
| title | Symantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite Vulnerability |
References
- http://sec-labs.hack.pl/papers/win32ddc.php
- http://sec-labs.hack.pl/papers/win32ddc.php
- http://secunia.com/advisories/9460
- http://secunia.com/advisories/9460
- http://www.osvdb.org/4362
- http://www.osvdb.org/4362
- http://www.securityfocus.com/bid/8329
- http://www.securityfocus.com/bid/8329
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12824
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12824