CVE-2007-1793

high

Description

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33352

http://www.vupen.com/english/advisories/2007/1192

http://www.securitytracker.com/id?1021389

http://www.securitytracker.com/id?1021388

http://www.securitytracker.com/id?1021387

http://www.securitytracker.com/id?1021386

http://www.securitytracker.com/id?1017838

http://www.securitytracker.com/id?1017837

http://www.securityfocus.com/archive/1/479830/100/0/threaded

http://www.securityfocus.com/archive/1/464456/100/0/threaded

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php

http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html

http://secunia.com/advisories/24677

http://osvdb.org/34692

Details

Source: Mitre, NVD

Published: 2007-04-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00262