Strix
26.1K

CVE-2006-3455

UnknownEPSS 0.38%

Last modified

CVE-2006-3455 is a vulnerability of currently unknown severity. The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.. EPSS estimates a 0.38% chance of exploitation in the next 30 days.

Description

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Metrics

EPSS Probability
0.38%

30.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
SymantecClient Security1.1
SymantecClient Security1.1.1
SymantecClient Security1.1.1_build_393
SymantecClient Security1.1.1_mr1_build_8.1.1.314a
SymantecClient Security1.1.1_mr2_build_8.1.1.319
SymantecClient Security1.1.1_mr3_build_8.1.1.323
SymantecClient Security1.1.1_mr4_build_8.1.1.329
SymantecClient Security1.1.1_mr5_build_8.1.1.336
SymantecClient Security1.1.1_mr6_b8.1.1.266
SymantecClient Security1.1_stm_b8.1.0.825a
SymantecClient Security2.0
SymantecClient Security2.0.1
SymantecClient Security2.0.1_build_9.0.1.1000Mr1
SymantecClient Security2.0.2
SymantecClient Security2.0.2_build_9.0.2.1000Mr2
SymantecClient Security2.0.3
SymantecClient Security2.0.3_build_9.0.3.1000Mr3
SymantecClient Security2.0_scf_7.1
SymantecClient Security2.0_stm_build_9.0.0.338
SymantecNorton Antivirus8.1
SymantecNorton Antivirus8.1.0.825a
SymantecNorton Antivirus8.1.1
SymantecNorton Antivirus8.1.1.319
SymantecNorton Antivirus8.1.1.323
SymantecNorton Antivirus8.1.1.329
SymantecNorton Antivirus8.1.1.366
SymantecNorton Antivirus8.1.1.377
SymantecNorton Antivirus8.1.1_build8.1.1.314a
SymantecNorton Antivirus8.1.1_build393
SymantecNorton Antivirus8.01.434
SymantecNorton Antivirus8.01.437
SymantecNorton Antivirus8.01.446
SymantecNorton Antivirus8.01.457
SymantecNorton Antivirus8.01.460
SymantecNorton Antivirus8.01.464
SymantecNorton Antivirus8.01.471
SymantecNorton Antivirus9.0.1
SymantecNorton Antivirus9.0.1.1.1000
SymantecNorton Antivirus9.0.1.1000
SymantecNorton Antivirus9.0.2
SymantecNorton Antivirus9.0.2.1000

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-3455?
The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
How severe is CVE-2006-3455?
Severity scoring for CVE-2006-3455 is pending analysis. The EPSS model estimates a 0.38% probability of exploitation in the next 30 days.
How do I fix CVE-2006-3455?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-3455?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST