Lucene search
K
SymantecLiveupdate

5 matches found

CVE
CVE
added 2002/05/03 4:0 a.m.51 views

CVE-2002-0344

CVE-2002-0344 affects Symantec LiveUpdate 1.5 and earlier used with Norton Antivirus. The issue stems from storing usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. The NVD entry describes thi...

5CVSS6.9AI score0.02753EPSS
CVE
CVE
added 2002/03/15 5:0 a.m.50 views

CVE-2001-1125

CVE-2001-1125 concerns Symantec LiveUpdate prior to 1.6, where the update mechanism did not cryptographically verify downloaded files. This enables a remote attacker to achieve arbitrary code execution via DNS spoofing of the update site (update.symantec.com). The issue affects LiveUpdate version...

9.8CVSS8.1AI score0.02474EPSS
CVE
CVE
added 2002/03/15 5:0 a.m.50 views

CVE-2001-1126

Symantec LiveUpdate 1.4–1.6 (and possibly later versions) are affected. The vulnerability allows a remote attacker to cause a denial-of-service (flood) by DNS spoofing the update.symantec.com site. Impact is a partial loss of availability. The description does not provide exploit details, affecte...

5CVSS7.1AI score0.02595EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.49 views

CVE-2001-0549

The CVE describes Symantec LiveUpdate 1.5 storing proxy passwords in cleartext in the registry (HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\LiveUpdate\Preferences\Proxy), allowing local users to read credentials. CERT/CC details confirm local read access to the registry key and recommend upgrading to Li...

4.6CVSS6.2AI score0.00383EPSS
CVE
CVE
added 2006/04/19 4:0 p.m.46 views

CVE-2006-1836

CVE-2006-1836 affects Symantec LiveUpdate for Macintosh, versions 3.0.0 through 3.5.0. The vulnerability is an untrusted search path due to not setting the execution path, enabling local users to gain privileges via a Trojan horse program. The documents establish the affected product line and roo...

6.8CVSS6.6AI score0.00389EPSS