Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux

CVE-2007-1476
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855..
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 1.9/10
- Exploit Score
- 3.4/10
- Access Vector
- Local
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- Partial
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.6:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.5:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:3.0:*:corporate:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr |
Yes
|
- | - |
References
- http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-
- http://www.securityfocus.com/bid/22977
- http://marc.info/?l=full-disclosure&m=117396596027148&w=2
- http://www.symantec.com/avcenter/security/Content/2007.09.05.html
- http://securitytracker.com/id?1018656
- http://securityreason.com/securityalert/2438
- http://osvdb.org/35088
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33003
- http://www.securityfocus.com/archive/1/462926/100/0/threaded