Certain device drivers included with Symantec products fail to properly verify address space within the "IOCTL" handlers.
Symantec provides Anti-Virus and Internet Security products that are designed to protect users. According to Symantec Security Response SYM06-020:
A specially crafted IRP could be sent to the IOCTL handler function which could allow memory to be overwritten because the address space was not properly validated.
This vulnerability could allow a local attacker to execute arbitrary code with kernel level privileges.
This issue was reported in Symantec Security Response SYM06-020 Symantec credits Ruben Santamarta working with the iDefense Vulnerability Contributor Program for reporting this issue.
|Date First Published:||2006-10-10|
|Date Last Updated:||2006-10-11 14:10 UTC|