CVE-2006-4802
CVE-2006-4802
Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/21884http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.htmlhttp://securitytracker.com/id?1016842https://exchange.xforce.ibmcloud.com/vulnerabilities/28937http://www.securityfocus.com/archive/1/446293/100/0/threadedhttp://www.securityfocus.com/bid/19986