{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-23T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "symantec-savrt-privilege-escalation(29762)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"}, {"name": "20684", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20684"}, {"name": "ADV-2006-4157", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4157"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"}, {"name": "20061023 Symantec Product Security: Symantec Device Driver Elevation of Privileg", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"}, {"name": "22536", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22536"}, {"name": "1017108", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017108"}, {"name": "1017109", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017109"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3455", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "symantec-savrt-privilege-escalation(29762)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"}, {"name": "20684", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20684"}, {"name": "ADV-2006-4157", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4157"}, {"name": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html", "refsource": "CONFIRM", "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"}, {"name": "20061023 Symantec Product Security: Symantec Device Driver Elevation of Privileg", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"}, {"name": "22536", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22536"}, {"name": "1017108", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017108"}, {"name": "1017109", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017109"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:30:33.727Z"}, "title": "CVE Program Container", "references": [{"name": "symantec-savrt-privilege-escalation(29762)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"}, {"name": "20684", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20684"}, {"name": "ADV-2006-4157", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4157"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"}, {"name": "20061023 Symantec Product Security: Symantec Device Driver Elevation of Privileg", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"}, {"name": "22536", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22536"}, {"name": "1017108", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017108"}, {"name": "1017109", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017109"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3455", "datePublished": "2006-10-23T20:00:00.000Z", "dateReserved": "2006-07-07T00:00:00.000Z", "dateUpdated": "2024-08-07T18:30:33.727Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2DA2590E-DFB0-4B72-99BC-B49AD97A4969", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*", "matchCriteriaId": "766C850E-817E-41AB-B0FF-413513548BC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*", "matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*", "matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*", "matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*", "matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*", "matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*", "matchCriteriaId": "9A0176BE-3D55-422B-9FDD-961A00CFAC19", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*", "matchCriteriaId": "CA3D7305-B8D0-4165-9F0F-50A49142EF2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "251E7DE8-4485-438E-B62D-1BF508ECCCF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*", "matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "742DB20E-AB26-4CF4-A383-BDCF3FBA448F", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*", "matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A5E4BCD7-E441-417A-8C52-E1DE80AD67CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*", "matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7C2D813-C219-4FF3-9C3B-DBB855480492", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*", "matchCriteriaId": "A5A00A25-A52F-4E9D-AAD0-194171C772FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*", "matchCriteriaId": "3A82AC27-8BE6-47F7-A6EC-F4C21373AA58", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "ECAA6170-5520-4AA9-8358-5F91FD10420E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*", "matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*", "matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*", "matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*", "matchCriteriaId": "EAE76215-2A7E-4D71-8757-AE10E4A9AE0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*", "matchCriteriaId": "AF45DF9D-D7BE-41AD-A838-0AF9A264EBFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*", "matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*", "matchCriteriaId": "902A4011-83C5-4A3B-B443-C51EA855E8E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*", "matchCriteriaId": "8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*", "matchCriteriaId": "9603C423-F24A-4607-B721-D02EDA94AE8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*", "matchCriteriaId": "574AAAA6-8181-457B-84CE-5AEB1895E3B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*", "matchCriteriaId": "DF957AD3-B6E5-4BD7-832F-33E734817B77", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*", "matchCriteriaId": "14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*", "matchCriteriaId": "768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*", "matchCriteriaId": "C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*", "matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*", "matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*", "matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*", "matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function."}, {"lang": "es", "value": "El controlador de dispositivo SAVRT.SYS, utilizado en Symantec AntiVirus Corporate Edition 8.1 y 9.0.x hasta 9.0.3, y en Symantec Client Security 1.1 y 2.0.x hasta 2.0.3, permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante una direcci\u00f3n modificada para el argumento de b\u00fafer de salida en la funci\u00f3n DeviceIOControl."}], "id": "CVE-2006-3455", "lastModified": "2026-04-23T00:35:47.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-10-23T20:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/22536"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017108"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017109"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20684"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4157"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/22536"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017108"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/449524/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/20684"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.symantec.com/avcenter/security/Content/2006.10.23.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4157"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29762"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}