CVE-2003-1310
First published: Wed Dec 31 2003(Updated: )
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Antivirus | =2002 | |
| Symantec Norton Antivirus | =2003 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-1310?
CVE-2003-1310 is classified as a high-severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2003-1310?
To mitigate CVE-2003-1310, it is recommended to uninstall vulnerable versions of Symantec Norton AntiVirus or apply available patches if applicable.
What systems are affected by CVE-2003-1310?
CVE-2003-1310 affects Symantec Norton AntiVirus 2002 and 2003 on Windows operating systems.
Can CVE-2003-1310 be exploited remotely?
CVE-2003-1310 requires local access to the machine to exploit the vulnerability.
What potential impact does CVE-2003-1310 have on systems?
CVE-2003-1310 can allow local users to gain elevated privileges, potentially compromising the integrity and security of the affected system.
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/symantec
- product/norton antivirus
- agent/software-canonical-lookup-request
- collector/nvd-index
- canonical/symantec norton antivirus
- version/symantec norton antivirus/2002
- version/symantec norton antivirus/2003