Vulnerability Description
The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by (2) sending a crafted KEVENT structure through ioctl 0xBF672028 to overwrite arbitrary memory locations.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Norman | Norman Virus Control | 5.82 |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/3087
- http://www.48bits.com/exploits/nvc.rarExploit
- http://www.securityfocus.com/archive/1/478224/100/0/threaded
- http://www.securityfocus.com/bid/25499
- http://www.securitytracker.com/id?1018636
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36373
- http://securityreason.com/securityalert/3087
- http://www.48bits.com/exploits/nvc.rarExploit
- http://www.securityfocus.com/archive/1/478224/100/0/threaded
- http://www.securityfocus.com/bid/25499
- http://www.securitytracker.com/id?1018636
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36373
FAQ
What is CVE-2007-4648?
CVE-2007-4648 is a vulnerability with a CVSS score of 7.2 (HIGH). The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer o...
How severe is CVE-2007-4648?
CVE-2007-4648 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4648?
Check the references section above for vendor advisories and patch information. Affected products include: Norman Norman Virus Control.