QwikSec

Security Database

CVE

CWE

Training

CVE-2007-3673

Published: Jul 15, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html

x_refsource_CONFIRM

symantec-multi-symtdi-privilege-escalation(35347)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_SECTRACK

20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability

third-party-advisory

x_refsource_IDEFENSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.