Lucene search

[email protected]CVE-2011-3477

HistoryFeb 19, 2018 - 7:29 p.m.

CVE-2011-3477

2018-02-1919:29:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2011-3477

gear software

cd dvd filter

symantec

backup exec

besr

system recovery

norton 360

norton ghost

denial of service

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

JSON

GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.

Affected configurations

NVD

Node

symantecbackup_exec_system_recoveryMatch8.5

symantecbackup_exec_system_recoveryMatch9.0

symantecbackup_exec_system_recoveryMatch2010

symantecnorton_360Match5.0

symantecnorton_ghostRange≤15.0

symantecsystem_recovery_2011Match10.0

CPENameOperatorVersion
symantec:backup_exec_system_recoverysymantec backup exec system recoveryeq8.5
symantec:backup_exec_system_recoverysymantec backup exec system recoveryeq9.0
symantec:backup_exec_system_recoverysymantec backup exec system recoveryeq2010
symantec:norton_360symantec norton 360eq5.0
symantec:norton_ghostsymantec norton ghostle15.0
symantec:system_recovery_2011symantec system recovery 2011eq10.0

CPE	Name	Operator	Version
symantec:backup_exec_system_recovery	symantec backup exec system recovery	eq	8.5
symantec:backup_exec_system_recovery	symantec backup exec system recovery	eq	9.0
symantec:backup_exec_system_recovery	symantec backup exec system recovery	eq	2010
symantec:norton_360	symantec norton 360	eq	5.0
symantec:norton_ghost	symantec norton ghost	le	15.0
symantec:system_recovery_2011	symantec system recovery 2011	eq	10.0

References

www.securityfocus.com/bid/47822

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20111109_00

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

JSON

Related for CVE-2011-3477

nvd1 prion1 cvelist1