Lucene search

[email protected]NVD:CVE-2003-1310

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1310

2003-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

0.4%

JSON

The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka “Device Driver Attack”).

Affected configurations

Nvd

Node

symantecnorton_antivirusMatch2002

symantecnorton_antivirusMatch2003

VendorProductVersionCPE
symantecnorton_antivirus2002cpe:2.3:a:symantec:norton_antivirus:2002:*:*:*:*:*:*:*
symantecnorton_antivirus2003cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	norton_antivirus	2002	cpe:2.3:a:symantec:norton_antivirus:2002:::::::*
symantec	norton_antivirus	2003	cpe:2.3:a:symantec:norton_antivirus:2003:::::::*

References

sec-labs.hack.pl/papers/win32ddc.php

secunia.com/advisories/9460

www.osvdb.org/4362

www.securityfocus.com/bid/8329

exchange.xforce.ibmcloud.com/vulnerabilities/12824

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2003-1310

exploitdb1 cvelist1 cve1