CVE-2007-1793 - Vulnerability Details

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Antivirus Client Security Norton 360 Norton Antispam Norton Antivirus Norton Internet Security Norton Personal Firewall Norton System Works

Configuration 1 [-]

OR	cpe:2.3:a:symantec:antivirus:10.0::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.1::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.1.1::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.2::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.2.1::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.2.2::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.3::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.4::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.5::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.6::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.7::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.8::corporate:::::
	cpe:2.3:a:symantec:antivirus:10.0.9::corporate:::::
	cpe:2.3:a:symantec:client_security:3.0:::::::*
	cpe:2.3:a:symantec:client_security:3.0.0.359:::::::*
	cpe:2.3:a:symantec:client_security:3.0.1.1000:::::::*
	cpe:2.3:a:symantec:client_security:3.0.1.1001:::::::*
	cpe:2.3:a:symantec:client_security:3.0.1.1007:::::::*
	cpe:2.3:a:symantec:client_security:3.0.1.1008:::::::*
	cpe:2.3:a:symantec:client_security:3.0.1.1009:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2000:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2001:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2002:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2010:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2011:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2020:::::::*
	cpe:2.3:a:symantec:client_security:3.0.2.2021:::::::*
	cpe:2.3:a:symantec:client_security:3.1:::::::*
	cpe:2.3:a:symantec:client_security:3.1.0.396:::::::*
	cpe:2.3:a:symantec:client_security:3.1.0.401:::::::*
	cpe:2.3:a:symantec:client_security:3.1.394:::::::*
	cpe:2.3:a:symantec:client_security:3.1.396:::::::*
	cpe:2.3:a:symantec:client_security:3.1.400:::::::*
	cpe:2.3:a:symantec:client_security:3.1.401:::::::*
	cpe:2.3:a:symantec:norton_360:1.0:::::::*
	cpe:2.3:a:symantec:norton_antispam:2004:::::::*
	cpe:2.3:a:symantec:norton_antispam:2005:::::::*
	cpe:2.3:a:symantec:norton_antivirus:2004:::::::*
	cpe:2.3:a:symantec:norton_antivirus:2005:::::::*
	cpe:2.3:a:symantec:norton_antivirus:2006:::::::*
	cpe:2.3:a:symantec:norton_antivirus:2007:::::::*
	cpe:2.3:a:symantec:norton_antivirus:2008:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2004:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2005:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2006:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2007:::::::*
	cpe:2.3:a:symantec:norton_internet_security:2008:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2004:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2005:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2006:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:::::::*
	cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:::::::*
	cpe:2.3:a:symantec:norton_system_works:2004:::::::*
	cpe:2.3:a:symantec:norton_system_works:2005:::::::*
	cpe:2.3:a:symantec:norton_system_works:2006:::::::*

No data.

References

Link	Providers
http://osvdb.org/34692
http://secunia.com/advisories/24677
http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html
http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
http://www.securityfocus.com/archive/1/464456/100/0/threaded
http://www.securityfocus.com/archive/1/479830/100/0/threaded
http://www.securityfocus.com/bid/23241
http://www.securitytracker.com/id?1017837
http://www.securitytracker.com/id?1017838
http://www.securitytracker.com/id?1021386
http://www.securitytracker.com/id?1021387
http://www.securitytracker.com/id?1021388
http://www.securitytracker.com/id?1021389
http://www.vupen.com/english/advisories/2007/1192
https://exchange.xforce.ibmcloud.com/vulnerabilities/33352

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-02T22:00:00

Updated: 2024-08-07T13:06:26.391Z

Reserved: 2007-04-02T00:00:00

Link: CVE-2007-1793

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-04-02T22:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-1793

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-01T00:00:00", "descriptions": [{"lang": "en", "value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-1192", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1192"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"}, {"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"}, {"name": "1021386", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021386"}, {"name": "1017837", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017837"}, {"name": "23241", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23241"}, {"name": "1021388", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021388"}, {"name": "1021389", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021389"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"}, {"name": "symantec-firewall-ssdt-dos(33352)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "34692", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34692"}, {"name": "1017838", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017838"}, {"name": "1021387", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021387"}, {"name": "24677", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24677"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1793", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-1192", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1192"}, {"name": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php", "refsource": "MISC", "url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"}, {"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"}, {"name": "1021386", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021386"}, {"name": "1017837", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017837"}, {"name": "23241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23241"}, {"name": "1021388", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021388"}, {"name": "1021389", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021389"}, {"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", "refsource": "MISC", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"name": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"}, {"name": "symantec-firewall-ssdt-dos(33352)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"}, {"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", "refsource": "MISC", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "34692", "refsource": "OSVDB", "url": "http://osvdb.org/34692"}, {"name": "1017838", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017838"}, {"name": "1021387", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021387"}, {"name": "24677", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24677"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:06:26.391Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-1192", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1192"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"}, {"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"}, {"name": "1021386", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021386"}, {"name": "1017837", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017837"}, {"name": "23241", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23241"}, {"name": "1021388", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021388"}, {"name": "1021389", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021389"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"}, {"name": "symantec-firewall-ssdt-dos(33352)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "34692", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/34692"}, {"name": "1017838", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017838"}, {"name": "1021387", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021387"}, {"name": "24677", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24677"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1793", "datePublished": "2007-04-02T22:00:00", "dateReserved": "2007-04-02T00:00:00", "dateUpdated": "2024-08-07T13:06:26.391Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*", "matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*", "matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*", "matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*", "matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*", "matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*", "matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*", "matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*", "matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*", "matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*", "matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*", "matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*", "matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*", "matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*", "matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*", "matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*", "matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*", "matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*", "matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*", "matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*", "matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*", "matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*", "matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*", "matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*", "matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*", "matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*", "matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*", "matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*", "matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*", "matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*", "matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*", "matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*", "matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*", "matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*", "matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*", "matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*", "matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*", "matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*", "matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*", "matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*", "matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*", "matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*", "matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*", "matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*", "matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*", "matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*", "matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*", "matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*", "matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."}, {"lang": "es", "value": "El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la funci\u00f3n SSDT enlazada, lo que permite a los usuarios locales causar una denegaci\u00f3n de servicio (bloqueo) o posiblemente ejecutar c\u00f3digo arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: m\u00e1s tarde se inform\u00f3 que Norton Internet Security 2008 versi\u00f3n 15.0.0.60, y posiblemente otras versiones de 2006, tambi\u00e9n se ven afectados."}], "id": "CVE-2007-1793", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-04-02T22:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/34692"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24677"}, {"source": "cve@mitre.org", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"}, {"source": "cve@mitre.org", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"source": "cve@mitre.org", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/23241"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1017837"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1017838"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021386"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021387"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021388"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021389"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1192"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/34692"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24677"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/23241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1017837"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securitytracker.com/id?1017838"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021387"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1192"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object