CVE-2007-3673

Name of the Vulnerable Software and Affected Versions Symantec AntiVirus Corporate Edition versions 9 through 10.1 Symantec Client Security versions 2.0 through 3.1 Norton AntiSpam version 2005 Norton AntiVirus versions 2005 and 2006 Norton Internet Security versions 2005 and 2006 Norton Personal Firewall versions 2005 and 2006 Norton System Works versions 2005 and 2006 symtdi.sys version prior to 7.0.0

Description The issue allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to symTDI, resulting in memory overwrite.

Recommendations For Symantec AntiVirus Corporate Edition versions 9 through 10.1, update symtdi.sys to version 7.0.0 or later. For Symantec Client Security versions 2.0 through 3.1, update symtdi.sys to version 7.0.0 or later. For Norton AntiSpam version 2005, update symtdi.sys to version 7.0.0 or later. For Norton AntiVirus versions 2005 and 2006, update symtdi.sys to version 7.0.0 or later. For Norton Internet Security versions 2005 and 2006, update symtdi.sys to version 7.0.0 or later. For Norton Personal Firewall versions 2005 and 2006, update symtdi.sys to version 7.0.0 or later. For Norton System Works versions 2005 and 2006, update symtdi.sys to version 7.0.0 or later. For symtdi.sys version prior to 7.0.0, update to version 7.0.0 or later.