4.6

CVE-2006-4802

EPSS 0.08%
Veröffentlicht 14.09.2006 22:07:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Symantec ≫ Client Security Version1.0

Symantec ≫ Client Security Version1.0.1

Symantec ≫ Client Security Version1.0.1_build_8.01.434 Updatemr3

Symantec ≫ Client Security Version1.0.1_build_8.01.437

Symantec ≫ Client Security Version1.0.1_build_8.01.446 Updatemr4

Symantec ≫ Client Security Version1.0.1_build_8.01.457 Updatemr5

Symantec ≫ Client Security Version1.0.1_build_8.01.460 Updatemr6

Symantec ≫ Client Security Version1.0.1_build_8.01.464 Updatemr7

Symantec ≫ Client Security Version1.0.1_build_8.01.471 Updatemr8

Symantec ≫ Client Security Version1.1

Symantec ≫ Client Security Version1.1.1

Symantec ≫ Client Security Version1.1.1_mr1_build_8.1.1.314a

Symantec ≫ Client Security Version1.1.1_mr2_build_8.1.1.319

Symantec ≫ Client Security Version1.1.1_mr3_build_8.1.1.323

Symantec ≫ Client Security Version1.1.1_mr4_build_8.1.1.329

Symantec ≫ Client Security Version1.1.1_mr5_build_8.1.1.336

Symantec ≫ Client Security Version1.2

Symantec ≫ Client Security Version1.3

Symantec ≫ Client Security Version1.4

Symantec ≫ Client Security Version1.5

Symantec ≫ Client Security Version1.6

Symantec ≫ Client Security Version1.7

Symantec ≫ Client Security Version1.8

Symantec ≫ Client Security Version1.9

Symantec ≫ Client Security Version2.0

Symantec ≫ Client Security Version2.0.1

Symantec ≫ Client Security Version2.0.2

Symantec ≫ Client Security Version2.0.3

Symantec ≫ Client Security Version2.0.4

Symantec ≫ Norton Antivirus Version8.1 Editioncorporate

Symantec ≫ Norton Antivirus Version8.1.1.319 Editioncorporate

Symantec ≫ Norton Antivirus Version8.1.1.323 Editioncorporate

Symantec ≫ Norton Antivirus Version8.1.1.329 Editioncorporate

Symantec ≫ Norton Antivirus Version8.1.1_build8.1.1.314a Editioncorporate

Symantec ≫ Norton Antivirus Version9.0 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1.1.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.1.1000 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.2 Editioncorporate

Symantec ≫ Norton Antivirus Version9.0.4 Editioncorporate

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.25

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/21884

Vendor Advisory

http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

http://securitytracker.com/id?1016842

http://www.securityfocus.com/archive/1/446293/100/0/threaded

http://www.securityfocus.com/bid/19986

https://exchange.xforce.ibmcloud.com/vulnerabilities/28937

https://nvd.nist.gov/vuln/detail/CVE-2006-4802

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4802

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4802

EUVD