Lucene search
MitreCVE-2003-1310HistoryNov 30, 2006 - 4:00 p.m.
CVE-2003-1310
2006-11-3016:00:00
mitre
web.nvd.nist.gov
24
deviceiocontrol function
norton device driver
navap.sys
symantec norton antivirus 2002
cve-2003-1310
device driver attack
memory overwrite
local privilege escalation
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0
Percentile
0.4%
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka “Device Driver Attack”).
Affected configurations
Node
symantecnorton_antivirusMatch2002
ORsymantecnorton_antivirusMatch2003
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | norton_antivirus | 2002 | cpe:2.3:a:symantec:norton_antivirus:2002:*:*:*:*:*:*:* |
| symantec | norton_antivirus | 2003 | cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite
2003-08-02 00:00:00
nvd
nvd
CVE-2003-1310
2003-12-31 05:00:00
cvelist
cvelist
CVE-2003-1310
2006-11-30 16:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0
Percentile
0.4%
Related for CVE-2003-1310