← back
CVE-2006-3455

CVE-2006-3455

EPSS 0.4%
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/22536http://securitytracker.com/id?1017108http://securitytracker.com/id?1017109https://exchange.xforce.ibmcloud.com/vulnerabilities/29762http://www.securityfocus.com/archive/1/449524/100/0/threadedhttp://www.securityfocus.com/bid/20684http://www.symantec.com/avcenter/security/Content/2006.10.23.htmlhttp://www.vupen.com/english/advisories/2006/4157