CVE-2006-1836
- EPSS 0.39%
- Veröffentlicht 19.04.2006 16:06:00
- Zuletzt bearbeitet 16.06.2026 22:23:46
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
- EPSS 2.75%
- Veröffentlicht 25.06.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:15
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVE-2001-1125
- EPSS 2.47%
- Veröffentlicht 05.10.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:38
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
- EPSS 2.6%
- Veröffentlicht 05.10.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:38
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.
CVE-2001-0549
- EPSS 0.38%
- Veröffentlicht 14.08.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:30
Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords.