Details of VAR-200703-0519

ID

VAR-200703-0519

CVE

CVE-2007-1495

TITLE

Symantec Norton Personal Firewall Such as \Device\SymEvent Service disruption in drivers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2007-005254

DESCRIPTION

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855. This vulnerability CVE-2006-4855 It is a reproduction.Local user disrupts service operation via invalid data ( System crash ) It may be in a state. This issue occurs when attackers send malformed data to the 'SymEvent' driver. A local authenticated attacker may exploit this issue to crash affected computers, denying service to legitimate users. Symantec is currently investigating this issue; this BID will be updated as more information becomes available. NOTE: This BID is being retired because it is already covered in BID 20051. Please see the vulnerable systems section for details regarding affected Symantec products. This vulnerability is a re-reference of CVE-2006-4855

Trust: 2.25

sources: NVD: CVE-2007-1495 // JVNDB: JVNDB-2007-005254 // BID: 22961 // BID: 20051 // VULHUB: VHN-24857

AFFECTED PRODUCTS

vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2006_9.1.1.7	Trust: 1.6
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2006 9.1.1.7	Trust: 0.8
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	20069.1.1.7	Trust: 0.3
vendor:	symantec	model:	pcanywhere	scope:	eq	version:	11.5	Trust: 0.3
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	20060	Trust: 0.3
vendor:	symantec	model:	norton systemworks premier	scope:	eq	version:	20050	Trust: 0.3
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	20050	Trust: 0.3
vendor:	symantec	model:	norton systemworks professional edition	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton systemworks	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton systemworks professional edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2006	Trust: 0.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton personal firewall	scope:	eq	version:	2003	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	20070	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2006	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton internet security professional edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	2003	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	20070	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2006	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2005	Trust: 0.3
vendor:	symantec	model:	norton antivirus professional edition	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2004	Trust: 0.3
vendor:	symantec	model:	norton antivirus professional edition	scope:	eq	version:	2003	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	20030	Trust: 0.3
vendor:	symantec	model:	host ids	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0	Trust: 0.3
vendor:	symantec	model:	client security build	scope:	eq	version:	2.0.51100	Trust: 0.3
vendor:	symantec	model:	client security mr3 b9.0.3.1000	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	symantec	model:	client security mr2 b9.0.2.1000	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	symantec	model:	client security mr1 b9.0.1.1000	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	symantec	model:	client security stm build	scope:	eq	version:	2.09.0.0.338	Trust: 0.3
vendor:	symantec	model:	client security (scf	scope:	eq	version:	2.07.1)	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	2.0	Trust: 0.3
vendor:	symantec	model:	client security mr5 build	scope:	eq	version:	1.1.18.1.1.336	Trust: 0.3
vendor:	symantec	model:	client security mr4 build	scope:	eq	version:	1.1.18.1.1.329	Trust: 0.3
vendor:	symantec	model:	client security mr3 build	scope:	eq	version:	1.1.18.1.1.323	Trust: 0.3
vendor:	symantec	model:	client security mr2 build	scope:	eq	version:	1.1.18.1.1.319	Trust: 0.3
vendor:	symantec	model:	client security mr1 build 8.1.1.314a	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	symantec	model:	client security build	scope:	eq	version:	1.1.1393	Trust: 0.3
vendor:	symantec	model:	client security mr6 b8.1.1.266	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	symantec	model:	client security stm b8.1.0.825a	scope:	eq	version:	1.1	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.1	Trust: 0.3
vendor:	symantec	model:	client security mr8 build	scope:	eq	version:	1.0.18.01.471	Trust: 0.3
vendor:	symantec	model:	client security mr7 build	scope:	eq	version:	1.0.18.01.464	Trust: 0.3
vendor:	symantec	model:	client security mr6 build	scope:	eq	version:	1.0.18.01.460	Trust: 0.3
vendor:	symantec	model:	client security mr5 build	scope:	eq	version:	1.0.18.01.457	Trust: 0.3
vendor:	symantec	model:	client security mr4 build	scope:	eq	version:	1.0.18.01.446	Trust: 0.3
vendor:	symantec	model:	client security mr3 build	scope:	eq	version:	1.0.18.01.434	Trust: 0.3
vendor:	symantec	model:	client security build	scope:	eq	version:	1.0.18.01.437	Trust: 0.3
vendor:	symantec	model:	client security mr9 b8.01.501	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	symantec	model:	client security mr2 b8.01.429c	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	symantec	model:	client security mr1 b8.01.425a/b	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.0.1	Trust: 0.3
vendor:	symantec	model:	client security b8.01.9378	scope:	eq	version:	1.0.0	Trust: 0.3
vendor:	symantec	model:	client security b8.01.9374	scope:	eq	version:	1.0	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	1.0	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2021	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2020	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2011	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2010	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2002	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2001	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.5.1100	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.5	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.4	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.3.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.2.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.1.1.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.0.338	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.1.18.1.1.329	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.1.18.1.1.323	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.1.18.1.1.319	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build 8.1.1.314a	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.1.1393	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.1.1.377	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.1.1.366	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.1.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.471	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.464	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.460	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.457	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.446	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.437	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition build	scope:	eq	version:	8.18.01.434	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition .0.825a	scope:	eq	version:	8.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.01.9378	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.01.9374	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.01.501	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition 1.429c	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition 1.425a/b	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.01	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1	Trust: 0.3

sources: BID: 22961 // BID: 20051 // JVNDB: JVNDB-2007-005254 // CNNVD: CNNVD-200703-422 // NVD: CVE-2007-1495

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-1495
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-1495
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200703-422
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-24857
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-1495
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24857
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-24857 // JVNDB: JVNDB-2007-005254 // CNNVD: CNNVD-200703-422 // NVD: CVE-2007-1495

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-1495

THREAT TYPE

local

Trust: 1.2

sources: BID: 22961 // BID: 20051 // CNNVD: CNNVD-200703-422

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.6

sources: BID: 22961 // BID: 20051

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-005254

PATCH

title:

Norton Personal Firewall

url:

http://us.norton.com/now/en/pu/images/Promotions/2012/5804/ch2.html?undefined&s_tnt=48837:19:0

Trust: 0.8

sources: JVNDB: JVNDB-2007-005254

EXTERNAL IDS

db:	NVD	id:	CVE-2007-1495	Trust: 2.8
db:	BID	id:	22961	Trust: 2.0
db:	SREASON	id:	2445	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-005254	Trust: 0.8
db:	CNNVD	id:	CNNVD-200703-422	Trust: 0.7
db:	BUGTRAQ	id:	20070314 SYMEVENT DRIVER LOCAL ACCESS SYSTEM DENIAL OF SERVICE	Trust: 0.6
db:	BID	id:	20051	Trust: 0.3
db:	VULHUB	id:	VHN-24857	Trust: 0.1

sources: VULHUB: VHN-24857 // BID: 22961 // BID: 20051 // JVNDB: JVNDB-2007-005254 // CNNVD: CNNVD-200703-422 // NVD: CVE-2007-1495

REFERENCES

url:	http://www.securityfocus.com/bid/22961	Trust: 1.7
url:	http://securityreason.com/securityalert/2445	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/462792/100/0/threaded	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1495	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1495	Trust: 0.8
url:	http://www.symantec.com/sabu/nis/npf/	Trust: 0.6
url:	/archive/1/446111	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/462792/100/0/threaded	Trust: 0.6
url:	/archive/1/462792	Trust: 0.3
url:	http://www.symantec.com/avcenter/security/content/2006.09.20a.html	Trust: 0.3

sources: VULHUB: VHN-24857 // BID: 22961 // BID: 20051 // JVNDB: JVNDB-2007-005254 // CNNVD: CNNVD-200703-422 // NVD: CVE-2007-1495

CREDITS

Discovery is credited to David Matousek.

Trust: 1.2

sources: BID: 22961 // BID: 20051 // CNNVD: CNNVD-200703-422

SOURCES

db:	VULHUB	id:	VHN-24857
db:	BID	id:	22961
db:	BID	id:	20051
db:	JVNDB	id:	JVNDB-2007-005254
db:	CNNVD	id:	CNNVD-200703-422
db:	NVD	id:	CVE-2007-1495

LAST UPDATE DATE

2024-08-14T14:59:10.956000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-24857	date:	2018-10-16T00:00:00
db:	BID	id:	22961	date:	2007-07-03T22:17:00
db:	BID	id:	20051	date:	2015-05-12T19:49:00
db:	JVNDB	id:	JVNDB-2007-005254	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200703-422	date:	2007-03-20T00:00:00
db:	NVD	id:	CVE-2007-1495	date:	2018-10-16T16:38:46.267

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-24857	date:	2007-03-16T00:00:00
db:	BID	id:	22961	date:	2007-03-14T00:00:00
db:	BID	id:	20051	date:	2006-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2007-005254	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200703-422	date:	2007-03-16T00:00:00
db:	NVD	id:	CVE-2007-1495	date:	2007-03-16T22:19:00