Lucene search

[email protected]NVD:CVE-2006-3454

HistorySep 14, 2006 - 12:07 a.m.

CVE-2006-3454

2006-09-1400:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

44.3%

JSON

Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.

Affected configurations

Nvd

Node

symantecclient_securityMatch1.0

symantecclient_securityMatch1.0.1

symantecclient_securityMatch1.1

symantecclient_securityMatch1.1.1

symantecclient_securityMatch2.0

symantecclient_securityMatch2.0.1

symantecclient_securityMatch2.0.2

symantecclient_securityMatch2.0.3

symantecclient_securityMatch2.0.4

symantecclient_securityMatch3.0

symantecnorton_antivirusMatch8.1corporate

symantecnorton_antivirusMatch9.0corporate

symantecnorton_antivirusMatch9.0.1corporate

symantecnorton_antivirusMatch9.0.2corporate

symantecnorton_antivirusMatch10.0corporate

VendorProductVersionCPE
symantecclient_security1.0cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
symantecclient_security1.0.1cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
symantecclient_security1.1cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
symantecclient_security1.1.1cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
symantecclient_security2.0cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
symantecclient_security2.0.1cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
symantecclient_security2.0.2cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
symantecclient_security2.0.3cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
symantecclient_security2.0.4cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
symantecclient_security3.0cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	client_security	1.0	cpe:2.3:a:symantec:client_security:1.0:::::::*
symantec	client_security	1.0.1	cpe:2.3:a:symantec:client_security:1.0.1:::::::*
symantec	client_security	1.1	cpe:2.3:a:symantec:client_security:1.1:::::::*
symantec	client_security	1.1.1	cpe:2.3:a:symantec:client_security:1.1.1:::::::*
symantec	client_security	2.0	cpe:2.3:a:symantec:client_security:2.0:::::::*
symantec	client_security	2.0.1	cpe:2.3:a:symantec:client_security:2.0.1:::::::*
symantec	client_security	2.0.2	cpe:2.3:a:symantec:client_security:2.0.2:::::::*
symantec	client_security	2.0.3	cpe:2.3:a:symantec:client_security:2.0.3:::::::*
symantec	client_security	2.0.4	cpe:2.3:a:symantec:client_security:2.0.4:::::::*
symantec	client_security	3.0	cpe:2.3:a:symantec:client_security:3.0:::::::*

Rows per page:

1-10 of 151

References

layereddefense.com/SAV13SEPT.html

secunia.com/advisories/21884

securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

securitytracker.com/id?1016842

www.securityfocus.com/archive/1/446041/100/0/threaded

www.securityfocus.com/archive/1/446293/100/0/threaded

www.securityfocus.com/bid/19986

www.vupen.com/english/advisories/2006/3599

exchange.xforce.ibmcloud.com/vulnerabilities/28936

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

44.3%

JSON

Related for NVD:CVE-2006-3454

symantec1 cve2 cvelist2 securityvulns1 nvd1