Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Liveupdate
(Symantec)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 5 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2001-10-05 | CVE-2001-1125 | Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | Liveupdate | 9.8 | ||
2006-04-19 | CVE-2006-1836 | Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. | Liveupdate, Norton_antivirus, Norton_internet_security, Norton_personal_firewall, Norton_system_works, Norton_utilities | N/A | ||
2002-06-25 | CVE-2002-0344 | Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | Liveupdate | N/A | ||
2001-10-05 | CVE-2001-1126 | Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | Liveupdate | N/A | ||
2001-08-14 | CVE-2001-0549 | Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords. | Liveupdate | N/A |