QwikSec

Security Database

CVE

CWE

Training

CVE-2007-1793

Published: Apr 2, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_VUPEN

http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

x_refsource_MISC

20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_SECTRACK

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php

x_refsource_MISC

http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html

x_refsource_CONFIRM

symantec-firewall-ssdt-dos(33352)

vdb-entry

x_refsource_XF

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

20070918 Plague in (security) software drivers & BSDOhook utility

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.