Details of VAR-200707-0218

ID

VAR-200707-0218

CVE

CVE-2007-3800

TITLE

Symantec AntiVirus Corporate Edition and Client Security of RTVScan Vulnerability gained privileges in components

Trust: 0.8

sources: JVNDB: JVNDB-2007-005862

DESCRIPTION

Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code. A local attacker can exploit this issue to elevate privileges to the SYSTEM level. This could facilitate a complete compromise of the affected computer. Symantec AntiVirus is a very popular antivirus solution. There is a loophole in Symantec AntiVirus processing log display. If this feature is enabled, local non-privileged users can use this window to gain system and privileges and execute arbitrary commands in the system. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. The vulnerability is caused due to an error in the Real-Time scanner (RTVScan) component when displaying a notification window containing information on threats found on a system. This can be exploited to execute arbitrary code with SYSTEM privileges. http://www.symantec.com/enterprise/support/all_products.jsp Symantec AntiVirus Corporate Edition 9.0: SAV 9.0.6 MR6 MP1- build 1100 or later Symantec AntiVirus Corporate Edition 10.0/10.1: 10.1.4 MR4 MP1- build 4010 or later Symantec Client Security 2.0: SCS 2.0.6 MR6 MP1 - build 1100 or later Symantec Client Security 3.0/3.1: SCS 3.1.4 MR4 MP1 - build 4010 or later PROVIDED AND/OR DISCOVERED BY: The vendor credits Ali Rhabar, Sysdream. ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-3800 // JVNDB: JVNDB-2007-005862 // BID: 24810 // VULHUB: VHN-27162 // PACKETSTORM: 57694

AFFECTED PRODUCTS

vendor:	symantec	model:	client security	scope:	eq	version:	2.0	Trust: 1.9
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	9.0	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	2.1	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0	Trust: 1.6
vendor:	symantec	model:	client security	scope:	lte	version:	3.0	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	lte	version:	10.1	Trust: 1.0
vendor:	symantec	model:	client security	scope:	eq	version:	3.0	Trust: 0.9
vendor:	symantec	model:	client security	scope:	eq	version:	2.0 to 3.1	Trust: 0.8
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	corporate edition 9.0 to 10.1	Trust: 0.8
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1	Trust: 0.6
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.401	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.400	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.396	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.394	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2021	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2020	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2011	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2010	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2002	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2001	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.2.2000	Trust: 0.3
vendor:	symantec	model:	client security build	scope:	eq	version:	2.0.51100	Trust: 0.3
vendor:	symantec	model:	client security mr4 build	scope:	eq	version:	2.0.41000	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	symantec	model:	client security mr3 b9.0.3.1000	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	symantec	model:	client security mr2 b9.0.2.1000	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	symantec	model:	client security mr1 b9.0.1.1000	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	symantec	model:	client security stm build	scope:	eq	version:	2.09.0.0.338	Trust: 0.3
vendor:	symantec	model:	client security (scf	scope:	eq	version:	2.07.1)	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.1	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.1.1008	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.1.1007	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.1.1001	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.1.1000	Trust: 0.3
vendor:	symantec	model:	client security	scope:	eq	version:	3.0.0.359	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.4	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.401	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.400	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.396	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.394	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2021	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2020	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2011	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2010	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2002	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2001	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.2.2000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.5.1100	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.5	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition mr4 build	scope:	eq	version:	9.0.41000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.4	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.3.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.2.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.1.1.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0.0.338	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	9.0	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.1.1008	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.1.1007	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.1.1000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.0.0.359	Trust: 0.3
vendor:	symantec	model:	client security mr4 mp1 build	scope:	ne	version:	3.1.4-4010	Trust: 0.3
vendor:	symantec	model:	client security mr6 mp1 build	scope:	ne	version:	2.0.6-1100	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition mr4 mp1 build	scope:	ne	version:	10.1.4-4010	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition mr6 mp1 build	scope:	ne	version:	9.0.6-1100	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	ne	version:	10.2	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	ne	version:	10.1.6.6000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	ne	version:	10.1.4.4010	Trust: 0.3

sources: BID: 24810 // JVNDB: JVNDB-2007-005862 // CNNVD: CNNVD-200707-306 // NVD: CVE-2007-3800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-3800
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2007-3800
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200707-306
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-27162
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2007-3800
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-27162
severity:	MEDIUM
baseScore:	6.0
vectorString:	AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-27162 // JVNDB: JVNDB-2007-005862 // CNNVD: CNNVD-200707-306 // NVD: CVE-2007-3800

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3800

THREAT TYPE

local

Trust: 1.0

sources: BID: 24810 // PACKETSTORM: 57694 // CNNVD: CNNVD-200707-306

TYPE

Design Error

Trust: 0.9

sources: BID: 24810 // CNNVD: CNNVD-200707-306

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-005862

PATCH

title:

SYM07-017

url:

http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-005862

EXTERNAL IDS

db:	NVD	id:	CVE-2007-3800	Trust: 2.8
db:	BID	id:	24810	Trust: 2.0
db:	SECUNIA	id:	26054	Trust: 1.8
db:	VUPEN	id:	ADV-2007-2506	Trust: 1.7
db:	OSVDB	id:	36116	Trust: 1.1
db:	JVNDB	id:	JVNDB-2007-005862	Trust: 0.8
db:	XF	id:	35352	Trust: 0.6
db:	CNNVD	id:	CNNVD-200707-306	Trust: 0.6
db:	VULHUB	id:	VHN-27162	Trust: 0.1
db:	PACKETSTORM	id:	57694	Trust: 0.1

sources: VULHUB: VHN-27162 // BID: 24810 // JVNDB: JVNDB-2007-005862 // PACKETSTORM: 57694 // CNNVD: CNNVD-200707-306 // NVD: CVE-2007-3800

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2007.07.11c.html	Trust: 1.8
url:	http://www.securityfocus.com/bid/24810	Trust: 1.7
url:	http://secunia.com/advisories/26054	Trust: 1.7
url:	http://osvdb.org/36116	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2007/2506	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/35352	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3800	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3800	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/2506	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/35352	Trust: 0.6
url:	http://www.symantec.com/products/enterprise?c=prodinfo&refid=805	Trust: 0.3
url:	http://www.symantec.com/smb/products/overview.jsp?pcid=end_sec&pvid=scs31	Trust: 0.3
url:	http://www.symantec.com/avcenter/security/content/2007.07.11c.html	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/network_software_inspector/	Trust: 0.1
url:	http://www.symantec.com/enterprise/support/all_products.jsp	Trust: 0.1
url:	http://secunia.com/product/3549/	Trust: 0.1
url:	http://secunia.com/product/6649/	Trust: 0.1
url:	http://secunia.com/advisories/26054/	Trust: 0.1
url:	http://secunia.com/product/3478/	Trust: 0.1
url:	http://secunia.com/product/5555/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-27162 // BID: 24810 // JVNDB: JVNDB-2007-005862 // PACKETSTORM: 57694 // CNNVD: CNNVD-200707-306 // NVD: CVE-2007-3800

CREDITS

Ali Rahbar

Trust: 0.6

sources: CNNVD: CNNVD-200707-306

SOURCES

db:	VULHUB	id:	VHN-27162
db:	BID	id:	24810
db:	JVNDB	id:	JVNDB-2007-005862
db:	PACKETSTORM	id:	57694
db:	CNNVD	id:	CNNVD-200707-306
db:	NVD	id:	CVE-2007-3800

LAST UPDATE DATE

2024-11-23T21:49:02.285000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-27162	date:	2017-07-29T00:00:00
db:	BID	id:	24810	date:	2015-05-07T17:37:00
db:	JVNDB	id:	JVNDB-2007-005862	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200707-306	date:	2007-07-18T00:00:00
db:	NVD	id:	CVE-2007-3800	date:	2024-11-21T00:34:05.940

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-27162	date:	2007-07-16T00:00:00
db:	BID	id:	24810	date:	2007-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2007-005862	date:	2012-12-20T00:00:00
db:	PACKETSTORM	id:	57694	date:	2007-07-13T00:55:11
db:	CNNVD	id:	CNNVD-200707-306	date:	2007-07-16T00:00:00
db:	NVD	id:	CVE-2007-3800	date:	2007-07-16T23:30:00