PT-2006-4339 · Symantec · Symantec Antivirus Corporate Edition+1

Published

2006-09-13

Updated

2018-10-18

CVE-2006-3454

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec AntiVirus Corporate Edition versions 8.1 through 10.0 Symantec Client Security versions 1.x through 3.0

Description The issue allows local users to execute arbitrary code via format strings in Tamper Protection and Virus Alert Notification messages.

Recommendations For Symantec AntiVirus Corporate Edition versions 8.1 through 10.0, update to a version outside of this range to resolve the issue. For Symantec Client Security versions 1.x through 3.0, update to a version outside of this range to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3454

Affected Products

Symantec Antivirus Corporate Edition

Symantec Client Security

PT-2006-4339 · Symantec · Symantec Antivirus Corporate Edition+1

CVE-2006-3454

Related Identifiers

Affected Products

References · 15