Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
BID:25499
Info
Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
| Bugtraq ID: | 25499 |
| Class: | Unknown |
| CVE: |
CVE-2007-4648 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 31 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | InocraM is credited with the discovery of this issue. |
| Vulnerable: |
Norman Virus Control 5.82 |
| Not Vulnerable: | |
Discussion
Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
Norman Virus Control is prone to multiple vulnerabilities including a heap-based kernel memory buffer-overflow issue and multiple input-validation vulnerabilities.
These issues reside in the 'nvcoaft51.sys' driver.
Attackers can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
Norman Virus Control 5.82 is vulnerable; other versions may also be affected.
NOTE: Other Norman products may also use the affected driver.
Norman Virus Control is prone to multiple vulnerabilities including a heap-based kernel memory buffer-overflow issue and multiple input-validation vulnerabilities.
These issues reside in the 'nvcoaft51.sys' driver.
Attackers can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.
Norman Virus Control 5.82 is vulnerable; other versions may also be affected.
NOTE: Other Norman products may also use the affected driver.
Exploit / POC
Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
Solution:
Reports indicate that Norman Virus Control 5.90 implements a filter that replaces the affected driver, but this has not been confirmed. Please contact the vendor for more information.
Solution:
Reports indicate that Norman Virus Control 5.90 implements a filter that replaces the affected driver, but this has not been confirmed. Please contact the vendor for more information.
References
Norman Virus Control NVCOAFT51.SYS Driver Multiple Vulnerabilities
References:
References:
- Noweb Homepage (Norman Ramsey)
- Multiple vulnerabilities in Norman NVC 5.82 driver (vulndev 48bits)