admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2006/CVE-2006-49xx/CVE-2006-4927.json
cad-safe-bot 3fee22852e Auto-Update: 2024-11-22T03:12:55.002450+00:00
2024-11-22 03:16:05 +00:00

333 lines
8.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2006-4927",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-10-10T04:06:00.000",
"lastModified": "2024-11-21T00:17:11.137",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB."
},
{
"lang": "es",
"value": "Los controladores de dispositivo de (a) NAVENG (NAVENG.SYS) y (b) NAVEX15 (NAVEX15.SYS) 20061.3.0.12 y posteriores, utilizados en Symantec AntiVirus y en productos de seguridad, permiten a usuarios locales escalar privilegios sobreescribiendo direcciones cr\u00edticas del sistema utilizando un Irp (paquete de petici\u00f3n de Entrada/salida) creado artesanalmente para las funciones IOCTL (1) 0x222AD3, (2) 0x222AD7, y (3) 0x222ADB."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 4.6,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": true,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:symantec:naveng_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1278247D-9258-46E2-91D7-29FB40C616D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:symantec:navex15_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84278ED8-D4D2-4351-9A0E-5F811A4C06E9"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/22288",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/1690",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1016994",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016995",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016996",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016997",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016998",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016999",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017000",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017001",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017002",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/946820",
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/archive/1/447849/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/20360",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.symantec.com/avcenter/security/Content/2006.10.05a.html",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/3928",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29360",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/22288",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/1690",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securitytracker.com/id?1016994",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016995",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016996",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016997",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016998",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1016999",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017000",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017001",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://securitytracker.com/id?1017002",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=417",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/946820",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/archive/1/447849/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/20360",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "http://www.symantec.com/avcenter/security/Content/2006.10.05a.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/3928",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29360",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorSolution": "Update 20061.3.0.12 has been released by the vendor for each vulnerable driver.\r\nAdditionally, an update to the virus definitions (October 4, 2006 revision 9 or later) is required."
}
Reference in New Issue View Git Blame Copy Permalink