Details of VAR-200505-0454

ID

VAR-200505-0454

CVE

CVE-2005-0922

TITLE

Symantec Norton AntiVirus AutoProtect Module Remote Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 12923 // CNNVD: CNNVD-200505-099

DESCRIPTION

Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. It is reported that the issue manifests when an unspecified type of file is scanned by AutoProtect, the scan results in the device driver module failing leading to a subsequent kernel crash. The Symantec Norton AntiVirus AutoProtect SmartScan functionality is reported prone to a local denial of service vulnerability. A local attacker may exploit this vulnerability to deny service for legitimate users. This type of file itself is not malicious, but an attacker may maliciously introduce the file from the outside through email or http, and an authorized user may also introduce the file from the inside to interrupt the service of the target system. PROVIDED AND/OR DISCOVERED BY: Isamu Noguchi ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.78

sources: NVD: CVE-2005-0922 // CERT/CC: VU#146020 // CERT/CC: VU#713620 // JVNDB: JVNDB-2005-000762 // BID: 12923 // BID: 12924 // VULHUB: VHN-12131 // PACKETSTORM: 36864

AFFECTED PRODUCTS

vendor:	symantec	model:	norton internet security	scope:	eq	version:	2005	Trust: 3.0
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2005	Trust: 3.0
vendor:	symantec	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	symantec	model:	norton system works	scope:	eq	version:	2005_premier	Trust: 1.6
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2004	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2.1	Trust: 1.6
vendor:	symantec	model:	norton system works	scope:	eq	version:	2004_professional	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2004	Trust: 1.1
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2004 (professional)	Trust: 0.8
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	2004 (professional)	Trust: 0.8
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	2005 (premier)	Trust: 0.8
vendor:	symantec	model:	norton system works premier	scope:	eq	version:	2005	Trust: 0.6
vendor:	symantec	model:	norton systemworks professional edition	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2004	Trust: 0.3

sources: CERT/CC: VU#146020 // CERT/CC: VU#713620 // BID: 12923 // BID: 12924 // JVNDB: JVNDB-2005-000762 // CNNVD: CNNVD-200505-099 // NVD: CVE-2005-0922

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0922
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#146020
value:	4.50
Trust: 0.8
CARNEGIE MELLON:	VU#713620
value:	4.05
Trust: 0.8
IPA:	JVNDB-2005-000762
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200505-099
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-12131
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0922
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IPA:	JVNDB-2005-000762
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-12131
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#146020 // CERT/CC: VU#713620 // VULHUB: VHN-12131 // JVNDB: JVNDB-2005-000762 // CNNVD: CNNVD-200505-099 // NVD: CVE-2005-0922

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0922

THREAT TYPE

network

Trust: 0.6

sources: BID: 12923 // BID: 12924

TYPE

Unknown

Trust: 0.6

sources: BID: 12923 // BID: 12924

CONFIGURATIONS

sources: JVNDB: JVNDB-2005-000762

PATCH

title:

SYM05-006

url:

http://www.symantec.com/avcenter/security/Content/2005.03.28.html

Trust: 0.8

sources: JVNDB: JVNDB-2005-000762

EXTERNAL IDS

db:	SECUNIA	id:	14741	Trust: 4.2
db:	BID	id:	12923	Trust: 3.6
db:	SECTRACK	id:	1013587	Trust: 3.3
db:	CERT/CC	id:	VU#146020	Trust: 3.3
db:	SECTRACK	id:	1013586	Trust: 3.3
db:	SECTRACK	id:	1013585	Trust: 2.5
db:	NVD	id:	CVE-2005-0922	Trust: 2.5
db:	BID	id:	12924	Trust: 1.1
db:	CERT/CC	id:	VU#713620	Trust: 0.8
db:	JVNDB	id:	JVNDB-2005-000762	Trust: 0.8
db:	CNNVD	id:	CNNVD-200505-099	Trust: 0.6
db:	VULHUB	id:	VHN-12131	Trust: 0.1
db:	PACKETSTORM	id:	36864	Trust: 0.1

sources: CERT/CC: VU#146020 // CERT/CC: VU#713620 // VULHUB: VHN-12131 // BID: 12923 // BID: 12924 // JVNDB: JVNDB-2005-000762 // PACKETSTORM: 36864 // CNNVD: CNNVD-200505-099 // NVD: CVE-2005-0922

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2005.03.28.html	Trust: 3.4
url:	http://www.securityfocus.com/bid/12923	Trust: 3.3
url:	http://www.kb.cert.org/vuls/id/146020	Trust: 2.5
url:	http://securitytracker.com/id?1013585	Trust: 2.5
url:	http://securitytracker.com/id?1013586	Trust: 2.5
url:	http://securitytracker.com/id?1013587	Trust: 2.5
url:	http://secunia.com/advisories/14741	Trust: 2.5
url:	http://secunia.com/advisories/14741/	Trust: 1.7
url:	http://www.securitytracker.com/alerts/2005/mar/1013587	Trust: 0.8
url:	http://www.securityfocus.com/bid/12924	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2005/mar/1013586	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0922	Trust: 0.8
url:	http://jvn.jp/en/jp/jvnc45d8ead/index.html	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0922	Trust: 0.8
url:	http://www.symantec.com/avcenter/security/content/2005.03.28.html	Trust: 0.6
url:	http://secunia.com/product/4009/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/4848/	Trust: 0.1
url:	http://secunia.com/product/2800/	Trust: 0.1
url:	http://secunia.com/product/2796/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/product/2442/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/product/4847/	Trust: 0.1

CREDITS

Isamu Noguchi

Trust: 0.6

sources: CNNVD: CNNVD-200505-099

SOURCES

db:	CERT/CC	id:	VU#146020
db:	CERT/CC	id:	VU#713620
db:	VULHUB	id:	VHN-12131
db:	BID	id:	12923
db:	BID	id:	12924
db:	JVNDB	id:	JVNDB-2005-000762
db:	PACKETSTORM	id:	36864
db:	CNNVD	id:	CNNVD-200505-099
db:	NVD	id:	CVE-2005-0922

LAST UPDATE DATE

2024-08-14T13:51:07.017000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#146020	date:	2005-03-30T00:00:00
db:	CERT/CC	id:	VU#713620	date:	2005-03-30T00:00:00
db:	VULHUB	id:	VHN-12131	date:	2008-09-05T00:00:00
db:	BID	id:	12923	date:	2005-03-28T00:00:00
db:	BID	id:	12924	date:	2005-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2005-000762	date:	2008-05-21T00:00:00
db:	CNNVD	id:	CNNVD-200505-099	date:	2006-09-28T00:00:00
db:	NVD	id:	CVE-2005-0922	date:	2008-09-05T20:47:41.927

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#146020	date:	2005-03-30T00:00:00
db:	CERT/CC	id:	VU#713620	date:	2005-03-30T00:00:00
db:	VULHUB	id:	VHN-12131	date:	2005-05-02T00:00:00
db:	BID	id:	12923	date:	2005-03-28T00:00:00
db:	BID	id:	12924	date:	2005-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2005-000762	date:	2008-05-21T00:00:00
db:	PACKETSTORM	id:	36864	date:	2005-03-30T08:17:27
db:	CNNVD	id:	CNNVD-200505-099	date:	2005-03-30T00:00:00
db:	NVD	id:	CVE-2005-0922	date:	2005-05-02T04:00:00