CVE-2006-3455 - Mutational Distortions

Description

The SAVRT.SYS device driver as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3 and Symantec Client Security 1.1 and 2.0.x up to 2.0.3 allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.

Reference

http://www.symantec.com/avcenter/security/Content/2006.10.23.html http://secunia.com/advisories/22536 http://www.securityfocus.com/bid/20684 http://securitytracker.com/id?1017108 http://securitytracker.com/id?1017109 http://www.vupen.com/english/advisories/2006/4157 https://exchange.xforce.ibmcloud.com/vulnerabilities/29762 http://www.securityfocus.com/archive/1/449524/100/0/threaded