VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 14, 2006· Updated Apr 16, 2026

CVE-2006-3454

CVE-2006-3454

Description

Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.

Affected products

15
  • Symantec/Client Security10 versions
    cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
  • Symantec/Norton Antivirus5 versions
    cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*+ 4 more
    • cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*
    • cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*
    • cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*
    • cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*
    • cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.