Vulnerability-Lookup

CVE-2006-4802 (GCVE-0-2006-4802)

Vulnerability from cvelistv5 – Published: 2006-09-14 22:00 – Updated: 2024-08-07 19:23

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1016842	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/19986	vdb-entryx_refsource_BID
	http://secunia.com/advisories/21884	third-party-advisoryx_refsource_SECUNIA
	http://securityresponse.symantec.com/avcenter/sec…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/446293/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:23:41.127Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1016842",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016842"
          },
          {
            "name": "symantecantivirus-alert-dos(28937)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
          },
          {
            "name": "19986",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19986"
          },
          {
            "name": "21884",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21884"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
          },
          {
            "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1016842",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016842"
        },
        {
          "name": "symantecantivirus-alert-dos(28937)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
        },
        {
          "name": "19986",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19986"
        },
        {
          "name": "21884",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21884"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
        },
        {
          "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4802",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1016842",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016842"
            },
            {
              "name": "symantecantivirus-alert-dos(28937)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
            },
            {
              "name": "19986",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19986"
            },
            {
              "name": "21884",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21884"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
            },
            {
              "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4802",
    "datePublished": "2006-09-14T22:00:00",
    "dateReserved": "2006-09-14T00:00:00",
    "dateUpdated": "2024-08-07T19:23:41.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1DFD4CB-40A1-4D70-97AC-0941826F28CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C856CC4-0AAE-4539-A57B-0160AA5751F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE15AE1D-8647-444F-90F0-FC658A3AC344\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C03FA86-F2E6-4E41-8368-E917C91D7837\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*\", \"matchCriteriaId\": \"95BF74F0-40F1-4395-AC85-E6B566950C53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*\", \"matchCriteriaId\": \"994CB184-AFE8-4673-ACE8-085813F1E71F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*\", \"matchCriteriaId\": \"85CF6FFB-4189-4558-A70D-DE6D4C0C1F82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*\", \"matchCriteriaId\": \"31D6A148-A92C-4FCA-8762-16764D62C363\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7483F6DD-EDC0-497E-A5A9-B186E02CCCEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DA2590E-DFB0-4B72-99BC-B49AD97A4969\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB47C16B-5221-4D64-BDB2-65D072A66C02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"204F2046-F116-45D7-9256-179A3B59886A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD0C67C0-3CF1-4BAD-A673-9B783E1D0724\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"274EA5DA-9519-46DE-B11E-87BDF1978E14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"044C020A-0BCC-4037-BC32-73385A0BE019\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"102D0C6A-31B8-4275-A805-4CA446D1C77F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA18147D-E618-4902-8837-5824240DD50E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75D357CC-EAD0-42E3-B38C-BE2DC44D154E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"201403B4-3B5C-4F77-ADAE-7A553D4D58F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8D19926-AB65-4C06-8C44-7EA9B070FD1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F27E94F-F6D6-4C40-878F-BF952658A909\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA71038-2D4E-4366-A3D1-AD85251B3E5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC689F12-84C6-4B52-970F-DAF6B00B4A42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DDD0E02-306D-4675-B73A-2C2F619CDDCF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"251E7DE8-4485-438E-B62D-1BF508ECCCF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"742DB20E-AB26-4CF4-A383-BDCF3FBA448F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5E4BCD7-E441-417A-8C52-E1DE80AD67CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"EC4CFE5A-4D51-405D-B92E-37DE4E617ABE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"727A116A-D18C-4F3F-A6A8-2C6107FFB8C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"4A6612F1-4CA8-427A-AED4-854F943BA3D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"D9E85FD6-9E89-4497-854C-60A20639CE52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"2860637E-6FA5-445A-86B5-E9F2D2D7DD37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"018D1F3B-BAFC-461E-B833-9E0F98A6533D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"4B9AED5E-2D66-4EB2-95CC-158D909AAE6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*\", \"matchCriteriaId\": \"56D54011-9B09-4C63-8301-609C03E51099\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \\\"second format string vulnerability\\\" as found by the vendor.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de formato de cadena en el servicio Real Time Virus Scan de Symantec AntiVirus Corporate Edition 8.1 a la 10.0, y Client Security 1.x a la 3.0, permite a un usuario local ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de un vector no espeficicado relacionado con los mensajes de notificaci\\u00f3n de alertas, un vector diferente a CVE-2006-3454, una \\\"segunda vulnerabilidad de formato de cadena\\\" seg\\u00fan lo encontrado por el vendedor.\"}]",
      "id": "CVE-2006-4802",
      "lastModified": "2024-11-21T00:16:47.523",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-09-14T22:07:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/21884\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016842\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446293/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/19986\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28937\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/21884\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016842\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/446293/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/19986\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/28937\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4802\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-09-14T22:07:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \\\"second format string vulnerability\\\" as found by the vendor.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de formato de cadena en el servicio Real Time Virus Scan de Symantec AntiVirus Corporate Edition 8.1 a la 10.0, y Client Security 1.x a la 3.0, permite a un usuario local ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un vector no espeficicado relacionado con los mensajes de notificaci\u00f3n de alertas, un vector diferente a CVE-2006-3454, una \\\"segunda vulnerabilidad de formato de cadena\\\" seg\u00fan lo encontrado por el vendedor.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DFD4CB-40A1-4D70-97AC-0941826F28CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C856CC4-0AAE-4539-A57B-0160AA5751F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE15AE1D-8647-444F-90F0-FC658A3AC344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C03FA86-F2E6-4E41-8368-E917C91D7837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*\",\"matchCriteriaId\":\"95BF74F0-40F1-4395-AC85-E6B566950C53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*\",\"matchCriteriaId\":\"994CB184-AFE8-4673-ACE8-085813F1E71F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CF6FFB-4189-4558-A70D-DE6D4C0C1F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D6A148-A92C-4FCA-8762-16764D62C363\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7483F6DD-EDC0-497E-A5A9-B186E02CCCEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA2590E-DFB0-4B72-99BC-B49AD97A4969\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB47C16B-5221-4D64-BDB2-65D072A66C02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"204F2046-F116-45D7-9256-179A3B59886A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD0C67C0-3CF1-4BAD-A673-9B783E1D0724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"274EA5DA-9519-46DE-B11E-87BDF1978E14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"044C020A-0BCC-4037-BC32-73385A0BE019\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"102D0C6A-31B8-4275-A805-4CA446D1C77F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA18147D-E618-4902-8837-5824240DD50E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75D357CC-EAD0-42E3-B38C-BE2DC44D154E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"201403B4-3B5C-4F77-ADAE-7A553D4D58F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8D19926-AB65-4C06-8C44-7EA9B070FD1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F27E94F-F6D6-4C40-878F-BF952658A909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA71038-2D4E-4366-A3D1-AD85251B3E5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC689F12-84C6-4B52-970F-DAF6B00B4A42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DDD0E02-306D-4675-B73A-2C2F619CDDCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"251E7DE8-4485-438E-B62D-1BF508ECCCF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"742DB20E-AB26-4CF4-A383-BDCF3FBA448F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5E4BCD7-E441-417A-8C52-E1DE80AD67CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"EC4CFE5A-4D51-405D-B92E-37DE4E617ABE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"727A116A-D18C-4F3F-A6A8-2C6107FFB8C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4A6612F1-4CA8-427A-AED4-854F943BA3D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"D9E85FD6-9E89-4497-854C-60A20639CE52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"2860637E-6FA5-445A-86B5-E9F2D2D7DD37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"018D1F3B-BAFC-461E-B833-9E0F98A6533D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"4B9AED5E-2D66-4EB2-95CC-158D909AAE6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*\",\"matchCriteriaId\":\"56D54011-9B09-4C63-8301-609C03E51099\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/21884\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016842\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/446293/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19986\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28937\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21884\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016842\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/446293/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28937\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-4802

Vulnerability from fkie_nvd - Published: 2006-09-14 22:07 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21884	Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
cve@mitre.org	http://securitytracker.com/id?1016842
cve@mitre.org	http://www.securityfocus.com/archive/1/446293/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/19986
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28937
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21884	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016842
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/446293/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/19986
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28937

Impacted products

Vendor	Product	Version
symantec	client_security	1.0
symantec	client_security	1.0.1
symantec	client_security	1.0.1_build_8.01.434
symantec	client_security	1.0.1_build_8.01.437
symantec	client_security	1.0.1_build_8.01.446
symantec	client_security	1.0.1_build_8.01.457
symantec	client_security	1.0.1_build_8.01.460
symantec	client_security	1.0.1_build_8.01.464
symantec	client_security	1.0.1_build_8.01.471
symantec	client_security	1.1
symantec	client_security	1.1.1
symantec	client_security	1.1.1_mr1_build_8.1.1.314a
symantec	client_security	1.1.1_mr2_build_8.1.1.319
symantec	client_security	1.1.1_mr3_build_8.1.1.323
symantec	client_security	1.1.1_mr4_build_8.1.1.329
symantec	client_security	1.1.1_mr5_build_8.1.1.336
symantec	client_security	1.2
symantec	client_security	1.3
symantec	client_security	1.4
symantec	client_security	1.5
symantec	client_security	1.6
symantec	client_security	1.7
symantec	client_security	1.8
symantec	client_security	1.9
symantec	client_security	2.0
symantec	client_security	2.0.1
symantec	client_security	2.0.2
symantec	client_security	2.0.3
symantec	client_security	2.0.4
symantec	norton_antivirus	8.1
symantec	norton_antivirus	8.1.1.319
symantec	norton_antivirus	8.1.1.323
symantec	norton_antivirus	8.1.1.329
symantec	norton_antivirus	8.1.1_build8.1.1.314a
symantec	norton_antivirus	9.0
symantec	norton_antivirus	9.0.1
symantec	norton_antivirus	9.0.1.1.1000
symantec	norton_antivirus	9.0.1.1000
symantec	norton_antivirus	9.0.2
symantec	norton_antivirus	9.0.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C856CC4-0AAE-4539-A57B-0160AA5751F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
              "matchCriteriaId": "BE15AE1D-8647-444F-90F0-FC658A3AC344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C03FA86-F2E6-4E41-8368-E917C91D7837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
              "matchCriteriaId": "95BF74F0-40F1-4395-AC85-E6B566950C53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
              "matchCriteriaId": "994CB184-AFE8-4673-ACE8-085813F1E71F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
              "matchCriteriaId": "85CF6FFB-4189-4558-A70D-DE6D4C0C1F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
              "matchCriteriaId": "31D6A148-A92C-4FCA-8762-16764D62C363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
              "matchCriteriaId": "3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DA2590E-DFB0-4B72-99BC-B49AD97A4969",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
              "matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
              "matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
              "matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "102D0C6A-31B8-4275-A805-4CA446D1C77F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA18147D-E618-4902-8837-5824240DD50E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D357CC-EAD0-42E3-B38C-BE2DC44D154E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "201403B4-3B5C-4F77-ADAE-7A553D4D58F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D19926-AB65-4C06-8C44-7EA9B070FD1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F27E94F-F6D6-4C40-878F-BF952658A909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA71038-2D4E-4366-A3D1-AD85251B3E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC689F12-84C6-4B52-970F-DAF6B00B4A42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "251E7DE8-4485-438E-B62D-1BF508ECCCF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "742DB20E-AB26-4CF4-A383-BDCF3FBA448F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E4BCD7-E441-417A-8C52-E1DE80AD67CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de formato de cadena en el servicio Real Time Virus Scan de Symantec AntiVirus Corporate Edition 8.1 a la 10.0, y Client Security 1.x a la 3.0, permite a un usuario local ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un vector no espeficicado relacionado con los mensajes de notificaci\u00f3n de alertas, un vector diferente a CVE-2006-3454, una \"segunda vulnerabilidad de formato de cadena\" seg\u00fan lo encontrado por el vendedor."
    }
  ],
  "id": "CVE-2006-4802",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-14T22:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21884"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016842"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19986"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21884"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016842"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-4802

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-4802

Aliases

CVE-2006-4802

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4802",
    "description": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor.",
    "id": "GSD-2006-4802"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4802"
      ],
      "details": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor.",
      "id": "GSD-2006-4802",
      "modified": "2023-12-13T01:19:51.460185Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-4802",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1016842",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016842"
          },
          {
            "name": "symantecantivirus-alert-dos(28937)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
          },
          {
            "name": "19986",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/19986"
          },
          {
            "name": "21884",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21884"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
          },
          {
            "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4802"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
            },
            {
              "name": "21884",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21884"
            },
            {
              "name": "19986",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/19986"
            },
            {
              "name": "1016842",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016842"
            },
            {
              "name": "symantecantivirus-alert-dos(28937)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
            },
            {
              "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:39Z",
      "publishedDate": "2006-09-14T22:07Z"
    }
  }
}

GHSA-G9VF-RJJ3-HJHG

Vulnerability from github – Published: 2022-05-01 07:22 – Updated: 2022-05-01 07:22

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4802"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-14T22:07:00Z",
    "severity": "MODERATE"
  },
  "details": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor.",
  "id": "GHSA-g9vf-rjj3-hjhg",
  "modified": "2022-05-01T07:22:07Z",
  "published": "2022-05-01T07:22:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4802"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21884"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016842"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/19986"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200609-0268

Vulnerability from variot - Updated: 2024-02-13 22:43

Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor. Symantec AntiVirus Corporate Edition is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function. Successfully exploiting these vulnerabilities may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges. Attackers may also crash the Real Time Virus Scan service. Symantec AntiVirus is a very popular antivirus solution.

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.

2) Another format string error exists in the alert notification process when displaying a notification message upon detection of a malicious file.

SOLUTION: Apply patches (see patch matrix in vendor advisory).

PROVIDED AND/OR DISCOVERED BY: 1) David Heiland, Layered Defense. 2) Reported by the vendor

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html

Layered Defense: http://layereddefense.com/SAV13SEPT.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Debian Security Advisory DSA 1216-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 20th, 2006 http://www.debian.org/security/faq

Package : flexbackup Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE ID : CVE-2006-4802 Debian Bug : 334350

Eric Romang discovered that the flexbackup backup tool creates temporary files in an insecure manner, which allows denial of service through a symlink attack.

For the stable distribution (sarge) this problem has been fixed in version 1.2.1-2sarge1

For the upcoming stable distribution (etch) this problem has been fixed in version 1.2.1-3.

For the unstable distribution (sid) this problem has been fixed in version 1.2.1-3.

We recommend that you upgrade your flexbackup package.

Upgrade Instructions

wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc
  Size/MD5 checksum:      587 06539319d0534272e216306562677723
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz
  Size/MD5 checksum:     3546 3365f545bd49464f4e58bacc503f8b28
http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz
  Size/MD5 checksum:    80158 4955c89dbee354248f354a9bf0a480dd

Architecture independent components:

http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb
  Size/MD5 checksum:    75836 240f8792a65a0d80b8ef85d4343a4827

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFYhMIXm3vHE4uyloRAjjTAKDCnxcy1cKXf1yBEbVCIyc3JANyMQCgz8JD pz5K4X1ok9uom1/tmGPBFoU= =WJOD -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0268",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "1.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.446"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.457"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.471"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.437"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.434"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.464"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0.1_build_8.01.460"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "8.1.1.319"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.5"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.1.1_mr1_build_8.1.1.314a"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "8.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.4"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.2"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.1.1_mr3_build_8.1.1.323"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.3"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.6"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.4"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0.4"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "8.1.1_build8.1.1.314a"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0.3"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.1.1_mr2_build_8.1.1.319"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "8.1.1.323"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.7"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "8.1.1.329"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.1.1_mr4_build_8.1.1.329"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.9"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.2"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0.2"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.8"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.1.1000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.1.1_mr5_build_8.1.1.336"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "9.0.1.1.1000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "1.x to  3.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "corporate edition 8.1 to  10.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2011"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2010"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2002"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "client security mr3 b9.0.3.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.3"
      },
      {
        "model": "client security mr2 b9.0.2.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.2"
      },
      {
        "model": "client security mr1 b9.0.1.1000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "client security stm build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.09.0.0.338"
      },
      {
        "model": "client security (scf",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.07.1)"
      },
      {
        "model": "client security mr5 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.336"
      },
      {
        "model": "client security mr4 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.329"
      },
      {
        "model": "client security mr3 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.323"
      },
      {
        "model": "client security mr2 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.18.1.1.319"
      },
      {
        "model": "client security mr1 build 8.1.1.314a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "client security mr6 b8.1.1.266",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1"
      },
      {
        "model": "client security stm b8.1.0.825a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1"
      },
      {
        "model": "client security mr8 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.471"
      },
      {
        "model": "client security mr7 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.464"
      },
      {
        "model": "client security mr6 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.460"
      },
      {
        "model": "client security mr5 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.457"
      },
      {
        "model": "client security mr4 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.446"
      },
      {
        "model": "client security mr3 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.434"
      },
      {
        "model": "client security build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.18.01.437"
      },
      {
        "model": "client security mr9 b8.01.501",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "client security mr2 b8.01.429c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "client security mr1 b8.01.425a/b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.1"
      },
      {
        "model": "client security b8.01.9378",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0.0"
      },
      {
        "model": "client security b8.01.9374",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2011"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2010"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2002"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2001"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.5"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.4"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.3.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.2.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.1.1.1000"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.0.338"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.329"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.323"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.18.1.1.319"
      },
      {
        "model": "antivirus corporate edition build 8.1.1.314a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1.377"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1.366"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.471"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.464"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.460"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.457"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.446"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.437"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.18.01.434"
      },
      {
        "model": "antivirus corporate edition .0.825a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1"
      },
      {
        "model": "client security",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2.2020"
      },
      {
        "model": "client security build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2.0.51100"
      },
      {
        "model": "client security build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1.1393"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.0.2.2020"
      },
      {
        "model": "antivirus corporate edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "9.0.5.1100"
      },
      {
        "model": "antivirus corporate edition build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.1.1393"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Deral Heiland http://www.layereddefense.com/",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-4802",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": true,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2006-4802",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-20910",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-4802",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200609-242",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-20910",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2006-4802",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a \"second format string vulnerability\" as found by the vendor. Symantec AntiVirus Corporate Edition is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function. \nSuccessfully exploiting these vulnerabilities may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges. Attackers may also crash the Real Time Virus Scan service. Symantec AntiVirus is a very popular antivirus solution. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\n2) Another format string error exists in the alert notification\nprocess when displaying a notification message upon detection of a\nmalicious file. \n\nSOLUTION:\nApply patches (see patch matrix in vendor advisory). \n\nPROVIDED AND/OR DISCOVERED BY:\n1) David Heiland, Layered Defense. \n2) Reported by the vendor\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html\n\nLayered Defense:\nhttp://layereddefense.com/SAV13SEPT.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1216-1                    security@debian.org\nhttp://www.debian.org/security/                         Moritz Muehlenhoff\nNovember 20th, 2006                     http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : flexbackup\nVulnerability  : insecure temporary file\nProblem-Type   : local\nDebian-specific: no\nCVE ID         : CVE-2006-4802\nDebian Bug     : 334350\n\nEric Romang discovered that the flexbackup backup tool creates temporary\nfiles in an insecure manner, which allows denial of service through a\nsymlink attack. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.2.1-2sarge1\n\nFor the upcoming stable distribution (etch) this problem has been\nfixed in version 1.2.1-3. \n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.2.1-3. \n\nWe recommend that you upgrade your flexbackup package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc\n      Size/MD5 checksum:      587 06539319d0534272e216306562677723\n    http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz\n      Size/MD5 checksum:     3546 3365f545bd49464f4e58bacc503f8b28\n    http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz\n      Size/MD5 checksum:    80158 4955c89dbee354248f354a9bf0a480dd\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb\n      Size/MD5 checksum:    75836 240f8792a65a0d80b8ef85d4343a4827\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFYhMIXm3vHE4uyloRAjjTAKDCnxcy1cKXf1yBEbVCIyc3JANyMQCgz8JD\npz5K4X1ok9uom1/tmGPBFoU=\n=WJOD\n-----END PGP SIGNATURE-----\n\n\n\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "db": "PACKETSTORM",
        "id": "52385"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-4802",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "19986",
        "trust": 2.1
      },
      {
        "db": "SECUNIA",
        "id": "21884",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1016842",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242",
        "trust": 0.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20060918 SYMANTEC SECURITY ADVISORY: SYMANTEC ANTIVIRUS CORPORATE EDITION",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "28937",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "52385",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-20910",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50042",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "db": "PACKETSTORM",
        "id": "52385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "id": "VAR-200609-0268",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-02-13T22:43:05.396000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM06-017",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2006.09.13.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2006.09.13.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/19986"
      },
      {
        "trust": 1.8,
        "url": "http://securitytracker.com/id?1016842"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/21884"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28937"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4802"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4802"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/28937"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/446293/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/products/enterprise?c=prodinfo\u0026refid=805"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/446041"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/quality_assurance_analyst/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3549/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6649/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3478/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2344/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5555/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/659/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/web_application_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://layereddefense.com/sav13sept.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/21884/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://packages.debian.org/\u003cpkg\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1-2sarge1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4802"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/f/flexbackup/flexbackup_1.2.1.orig.tar.gz"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "db": "PACKETSTORM",
        "id": "52385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "db": "PACKETSTORM",
        "id": "52385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "date": "2006-09-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "date": "2006-09-13T00:00:00",
        "db": "BID",
        "id": "19986"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "date": "2006-09-14T22:28:53",
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "date": "2006-11-21T07:18:54",
        "db": "PACKETSTORM",
        "id": "52385"
      },
      {
        "date": "2006-09-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "date": "2006-09-14T22:07:00",
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20910"
      },
      {
        "date": "2018-10-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2006-4802"
      },
      {
        "date": "2016-07-05T21:38:00",
        "db": "BID",
        "id": "19986"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      },
      {
        "date": "2006-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      },
      {
        "date": "2018-10-17T21:39:37.980000",
        "db": "NVD",
        "id": "CVE-2006-4802"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "19986"
      },
      {
        "db": "PACKETSTORM",
        "id": "50042"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec AntiVirus Corporate Edition Such as  Real Time Virus Scan Format string vulnerability in service",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003176"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "format string",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-242"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-4802 (GCVE-0-2006-4802)

FKIE_CVE-2006-4802

GSD-2006-4802

GHSA-G9VF-RJJ3-HJHG

VAR-200609-0268

Tags

Sightings

Nomenclature