CVE-2006-4855

N/A Unknown

Published: September 19, 2006 Modified: April 16, 2026

Description

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/21938

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1591

Source: cve@mitre.org

http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html

Source: cve@mitre.org

http://securitytracker.com/id?1016889

Source: cve@mitre.org

http://securitytracker.com/id?1016892

Source: cve@mitre.org

http://securitytracker.com/id?1016893

Source: cve@mitre.org

http://securitytracker.com/id?1016894

Source: cve@mitre.org

http://securitytracker.com/id?1016895

Source: cve@mitre.org

http://securitytracker.com/id?1016896

Source: cve@mitre.org

http://securitytracker.com/id?1016897

Source: cve@mitre.org

http://securitytracker.com/id?1016898

Source: cve@mitre.org

http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/446111/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20051

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/3636

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/28960

Source: cve@mitre.org

http://secunia.com/advisories/21938

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/1591

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016889

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016892

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016893

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016894

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016895

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016896

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016897

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016898

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/446111/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20051

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/3636

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/28960

Source: af854a3a-2127-422b-91ae-364da2661108

32 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.3%

51th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

symantec

Related CVEs

CVE-2026-4049 N/A

CVE-2026-41455 8.5

CVE-2026-41454 8.3

CVE-2026-41314 N/A

CVE-2026-41313 N/A