Vulnerabilities > CVE-2003-1310 - Unspecified vulnerability in Symantec Norton Antivirus 2002/2003

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
symantec
exploit available
NVD
Published: 2003-12-31
Updated: 2017-07-29

Summary

The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").

Vulnerable Configurations

Part Description Count
Application
Symantec
2

Exploit-Db

descriptionSymantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite Vulnerability. CVE-2003-1310. Local exploit for windows platform
idEDB-ID:22980
last seen2016-02-02
modified2003-08-02
published2003-08-02
reporterLord Yup
sourcehttps://www.exploit-db.com/download/22980/
titleSymantec Norton AntiVirus 2002/2003 Device Driver Memory Overwrite Vulnerability

References