Vulnerabilities > CVE-2006-4927 - Privilege Escalation vulnerability in Symantec AntiVirus IOCTL Kernel

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

symantec

exploit available

NVD

Published: 2006-10-10

Updated: 2018-10-17

Summary

The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB. Update 20061.3.0.12 has been released by the vendor for each vulnerable driver. Additionally, an update to the virus definitions (October 4, 2006 revision 9 or later) is required.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Naveng Driver * Symantec Navex15 Driver *	2

Exploit-Db

description	Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability (1). CVE-2006-4927 . Local exploit for windows platform
id	EDB-ID:28763
last seen	2016-02-03
modified	2006-08-26
published	2006-08-26
reporter	Ruben Santamarta
source	https://www.exploit-db.com/download/28763/
title	Symantec AntiVirus - IOCTL Kernel Privilege Escalation Vulnerability 1

description	Symantec AntiVirus IOCTL Kernel Privilege Escalation Vulnerability (2). CVE-2006-4927. Local exploit for windows platform
id	EDB-ID:28764
last seen	2016-02-03
modified	2006-08-26
published	2006-08-26
reporter	Ruben Santamarta
source	https://www.exploit-db.com/download/28764/
title	Symantec AntiVirus - IOCTL Kernel Privilege Escalation Vulnerability 2

Summary

Vulnerable Configurations

Exploit-Db

References