← Back

CVE-2007-1793

nvd nist
Published: Apr 2, 2007Modified: Apr 23, 2026

JSON object

Loading...
4.9
Vector
AV:L/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 3.9 / Impact: 6.9
Source: NVD

Description

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

Affected (56)

Symantec
8 products
Antivirus
Client Security
Norton 360
Norton Antispam
Norton Antivirus
Norton Internet Security
Norton Personal Firewall
Norton System Works
Configuration A
56 vulnerable
Vulnerable SoftwareAffected Versions
Symantec
Antivirus
Version 10.0.1.1
Antivirus
Version 10.0.1
Antivirus
Version 10.0.2.1
Antivirus
Version 10.0.2.2
Antivirus
Version 10.0.2
Antivirus
Version 10.0.3
Antivirus
Version 10.0.4
Antivirus
Version 10.0.5
Antivirus
Version 10.0.6
Antivirus
Version 10.0.7
Antivirus
Version 10.0.8
Antivirus
Version 10.0.9
Antivirus
Version 10.0
Symantec
Client Security
Version 3.0.0.359
Client Security
Version 3.0.1.1000
Client Security
Version 3.0.1.1001
Client Security
Version 3.0.1.1007
Client Security
Version 3.0.1.1008
Client Security
Version 3.0.1.1009
Client Security
Version 3.0.2.2000
Client Security
Version 3.0.2.2001
Client Security
Version 3.0.2.2002
Client Security
Version 3.0.2.2010
Client Security
Version 3.0.2.2011
Client Security
Version 3.0.2.2020
Client Security
Version 3.0.2.2021
Client Security
Version 3.0.2
Client Security
Version 3.0
Client Security
Version 3.1.0.396
Client Security
Version 3.1.0.401
Client Security
Version 3.1.394
Client Security
Version 3.1.396
Client Security
Version 3.1.400
Client Security
Version 3.1.401
Client Security
Version 3.1
Norton 360
Version 1.0
Symantec
Norton Antispam
Version 2004
Norton Antispam
Version 2005
Symantec
Norton Antivirus
Version 2004
Norton Antivirus
Version 2005
Norton Antivirus
Version 2006
Norton Antivirus
Version 2007
Norton Antivirus
Version 2008
Symantec
Norton Internet Security
Version 2004
Norton Internet Security
Version 2005
Norton Internet Security
Version 2006
Norton Internet Security
Version 2007
Norton Internet Security
Version 2008
Symantec
Norton Personal Firewall
Version 2004
Norton Personal Firewall
Version 2005
Norton Personal Firewall
Version 2006
Norton Personal Firewall
Version 2006_9.1.0.33
Norton Personal Firewall
Version 2006_9.1.1.7
Symantec
Norton System Works
Version 2004
Norton System Works
Version 2005
Norton System Works
Version 2006

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (34)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.