← voltar
CVE-2006-4927

CVE-2006-4927

EPSS 1.7%
The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB.
Produtos afetados
n/a · n/a
PoCs públicas encontradas2
exploitdbwww.exploit-db.com/exploits/28763não verificadoexploitdbwww.exploit-db.com/exploits/28764não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://secunia.com/advisories/22288http://securityreason.com/securityalert/1690http://securitytracker.com/id?1016994http://securitytracker.com/id?1016995http://securitytracker.com/id?1016996http://securitytracker.com/id?1016997http://securitytracker.com/id?1016998http://securitytracker.com/id?1016999http://securitytracker.com/id?1017000http://securitytracker.com/id?1017001http://securitytracker.com/id?1017002https://exchange.xforce.ibmcloud.com/vulnerabilities/29360