A vulnerability has been reported in various Symantec products, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to an improper validation of the output buffer address space of a "DeviceIOControl()" call in the SAVRT.SYS device driver. This can be exploited to overwrite kernel memory and execute arbitrary code with elevated privileges.
The vulnerability is reported in the following versions:
- Symantec AntiVirus Corporate Edition 8.1
- Symantec AntiVirus Corporate Edition 9.0.3 and earlier
- Symantec Client Security 1.1
- Symantec Client Security 2.0.3 and earlier
Update to a fixed version (see the vendor's advisory for details).
Provided and/or discovered by:
The vendor credits Boon Seng Lim.