Vulnerability Description
The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton Antivirus | 2.1 |
| Symantec | Norton Internet Security | 2004 |
| Symantec | Norton System Works | 2004_professional |
References
- http://secunia.com/advisories/14741
- http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.htmlVendor Advisory
- http://securitytracker.com/id?1013585
- http://securitytracker.com/id?1013586
- http://securitytracker.com/id?1013587
- http://www.kb.cert.org/vuls/id/713620Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/12924
- http://secunia.com/advisories/14741
- http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.htmlVendor Advisory
- http://securitytracker.com/id?1013585
- http://securitytracker.com/id?1013586
- http://securitytracker.com/id?1013587
- http://www.kb.cert.org/vuls/id/713620Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/12924
FAQ
What is CVE-2005-0923?
CVE-2005-0923 is a vulnerability with a CVSS score of 2.1 (LOW). The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial...
How severe is CVE-2005-0923?
CVE-2005-0923 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0923?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Norton Antivirus, Symantec Norton Internet Security, Symantec Norton System Works.