Strix
26.1K

CVE-2007-3673

UnknownEPSS 1.06%

Last modified

CVE-2007-3673 is a vulnerability of currently unknown severity. Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.. EPSS estimates a 1.06% chance of exploitation in the next 30 days.

Description

Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.

Metrics

EPSS Probability
1.06%

60.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
SymantecClient Security2.0
SymantecClient Security3.0
SymantecClient Security3.1
SymantecNorton Antispam2005
SymantecNorton Antivirus9.0
SymantecNorton Antivirus9.0.0.338
SymantecNorton Antivirus9.0.1
SymantecNorton Antivirus9.0.1.1.1000
SymantecNorton Antivirus9.0.1.1000
SymantecNorton Antivirus9.0.2
SymantecNorton Antivirus9.0.2.1000
SymantecNorton Antivirus9.0.3.1000
SymantecNorton Antivirus9.0.4
SymantecNorton Antivirus9.0.5
SymantecNorton Antivirus9.0.5.1100
SymantecNorton Antivirus10.0
SymantecNorton Antivirus10.1
SymantecNorton Antivirus2005
SymantecNorton Antivirus2006
SymantecNorton Internet Security2005
SymantecNorton Internet Security2006
SymantecNorton Personal Firewall2005
SymantecNorton Personal Firewall2006
SymantecNorton System Works2005
SymantecNorton System Works2006

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-3673?
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
How severe is CVE-2007-3673?
Severity scoring for CVE-2007-3673 is pending analysis. The EPSS model estimates a 1.06% probability of exploitation in the next 30 days.
How do I fix CVE-2007-3673?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-3673?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST