Symantec Norton Security suffers from a local privilege escalation vulnerability in symTDI.sys. Exploit included.
346b36e57180712961f94ec561d4f025aa38510cab65289c24d7891db2570bf7
iDefense Security Advisory 07.11.07 - Local exploitation of an input validation vulnerability in version 5.5.1.6 of symtdi.sys allows attackers to elevate privileges to SYSTEM. The vulnerability specifically exists due to improper address space validation when the \\symTDI\ device driver processes IOCTL 0x83022323. An attacker can overwrite an arbitrary address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense confirmed this vulnerability in version 5.5.1.6 of Symantec's symtdi.sys device driver as included with version 10 of Symantec AntiVirus Corporate Edition. Previous versions and related products that contain the affected driver are suspected vulnerable.
89b8df0a698bad87591ee7bc3ce90d08d805621a82a1469e365acd5f4ab9e8bb