SYM06-022 Symantec Device Driver Elevation of Privilege: Boon Seng Lim notified Symantec of a vulnerability in SAVRT.SYS which could allow a malicious user to use the output buffer of DeviceIOControl()to overwrite kernel addresses because the address space of the output buffer was not properly validated. A successful exploit could potentially allow a local attacker to execute code of their choice with elevated privileges, or to crash the system.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/51390/SYM06-022.txt
Source: https://packetstormsecurity.com/files/51390/SYM06-022.txt.html