Vulnerabilities > CVE-2006-3454 - Unspecified vulnerability in Symantec Client Security and Norton Antivirus
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.
Vulnerable Configurations
References
- http://layereddefense.com/SAV13SEPT.html
- http://layereddefense.com/SAV13SEPT.html
- http://secunia.com/advisories/21884
- http://secunia.com/advisories/21884
- http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
- http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
- http://securitytracker.com/id?1016842
- http://securitytracker.com/id?1016842
- http://www.securityfocus.com/archive/1/446041/100/0/threaded
- http://www.securityfocus.com/archive/1/446041/100/0/threaded
- http://www.securityfocus.com/archive/1/446293/100/0/threaded
- http://www.securityfocus.com/archive/1/446293/100/0/threaded
- http://www.securityfocus.com/bid/19986
- http://www.securityfocus.com/bid/19986
- http://www.vupen.com/english/advisories/2006/3599
- http://www.vupen.com/english/advisories/2006/3599
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28936
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28936