7.2
CVE-2006-3454
- EPSS 0.09%
- Published 14.09.2006 00:07:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.
Data is provided by the National Vulnerability Database (NVD)
Symantec ≫ Client Security Version1.0
Symantec ≫ Client Security Version1.0.1
Symantec ≫ Client Security Version1.1
Symantec ≫ Client Security Version1.1.1
Symantec ≫ Client Security Version2.0
Symantec ≫ Client Security Version2.0.1
Symantec ≫ Client Security Version2.0.2
Symantec ≫ Client Security Version2.0.3
Symantec ≫ Client Security Version2.0.4
Symantec ≫ Client Security Version3.0
Symantec ≫ Norton Antivirus Version8.1 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0.1 Editioncorporate
Symantec ≫ Norton Antivirus Version9.0.2 Editioncorporate
Symantec ≫ Norton Antivirus Version10.0 Editioncorporate
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.254 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|