Unrated severityNVD Advisory· Published Sep 14, 2006· Updated Jun 16, 2026
CVE-2006-3454
CVE-2006-3454
Description
Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.
Affected products
17cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
- (no CPE)range: 1.x - 3.0
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*+ 4 more
- cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
- cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
- Range: 8.1 - 10.0
Patches
Vulnerability mechanics
References
9- securityresponse.symantec.com/avcenter/security/Content/2006.09.13.htmlnvdPatchVendor Advisory
- layereddefense.com/SAV13SEPT.htmlnvd
- secunia.com/advisories/21884nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/446041/100/0/threadednvd
- www.securityfocus.com/archive/1/446293/100/0/threadednvd
- www.securityfocus.com/bid/19986nvd
- www.vupen.com/english/advisories/2006/3599nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28936nvd
News mentions
0No linked articles in our index yet.