Vulnerabilities > CVE-2006-4927 - Privilege Escalation vulnerability in Symantec AntiVirus IOCTL Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB. Update 20061.3.0.12 has been released by the vendor for each vulnerable driver. Additionally, an update to the virus definitions (October 4, 2006 revision 9 or later) is required.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability (1). CVE-2006-4927 . Local exploit for windows platform id EDB-ID:28763 last seen 2016-02-03 modified 2006-08-26 published 2006-08-26 reporter Ruben Santamarta source https://www.exploit-db.com/download/28763/ title Symantec AntiVirus - IOCTL Kernel Privilege Escalation Vulnerability 1 description Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability (2). CVE-2006-4927. Local exploit for windows platform id EDB-ID:28764 last seen 2016-02-03 modified 2006-08-26 published 2006-08-26 reporter Ruben Santamarta source https://www.exploit-db.com/download/28764/ title Symantec AntiVirus - IOCTL Kernel Privilege Escalation Vulnerability 2
References
- http://secunia.com/advisories/22288
- http://securityreason.com/securityalert/1690
- http://securitytracker.com/id?1016994
- http://securitytracker.com/id?1016995
- http://securitytracker.com/id?1016996
- http://securitytracker.com/id?1016997
- http://securitytracker.com/id?1016998
- http://securitytracker.com/id?1016999
- http://securitytracker.com/id?1017000
- http://securitytracker.com/id?1017001
- http://securitytracker.com/id?1017002
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417
- http://www.kb.cert.org/vuls/id/946820
- http://www.securityfocus.com/archive/1/447849/100/0/threaded
- http://www.securityfocus.com/bid/20360
- http://www.symantec.com/avcenter/security/Content/2006.10.05a.html
- http://www.vupen.com/english/advisories/2006/3928
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29360