7.2
CVE-2006-3454
- EPSS 0.09%
- Veröffentlicht 14.09.2006 00:07:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Client Security Version1.0
Symantec ≫ Client Security Version1.0.1
Symantec ≫ Client Security Version1.1
Symantec ≫ Client Security Version1.1.1
Symantec ≫ Client Security Version2.0
Symantec ≫ Client Security Version2.0.1
Symantec ≫ Client Security Version2.0.2
Symantec ≫ Client Security Version2.0.3
Symantec ≫ Client Security Version2.0.4
Symantec ≫ Client Security Version3.0
Symantec ≫ Norton Antivirus Version8.1 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0.1 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0.2 Editioncorporate
Symantec ≫ Norton Antivirus Version10.0 Editioncorporate
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.254 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|