Tue, Oct 24 2006 17:13
Symantec Products SAVRT.SYS Device Driver Privilege Escalation
A vulnerability has been reported in various
Symantec products, which can be exploited by malicious, local users to
gain escalated privileges.
The vulnerability is caused due to an improper validation of the output
buffer address space of a "DeviceIOControl()" call in the SAVRT.SYS
device driver. This can be exploited to overwrite kernel memory and
execute arbitrary code with elevated privileges.
The vulnerability is reported in the following versions:
- Symantec AntiVirus Corporate Edition 8.1
- Symantec AntiVirus Corporate Edition 9.0.3 and earlier
- Symantec Client Security 1.1
- Symantec Client Security 2.0.3 and earlier
Update to a fixed version (see the vendor's advisory for details).
Provided and/or discovered by:
The vendor credits Boon Seng Lim.
Filed under: Alerts