Liveupdate
Sign in to watchby Symantec
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2001-1125 | Cri | 0.64 | 9.8 | 0.03 | Oct 5, 2001 | Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | |
| CVE-2006-1836 | 0.00 | — | 0.00 | Apr 19, 2006 | Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. | ||
| CVE-2002-0344 | 0.00 | — | 0.02 | Jun 25, 2002 | Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | ||
| CVE-2001-1126 | 0.00 | — | 0.01 | Oct 5, 2001 | Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | ||
| CVE-2001-0549 | 0.00 | — | 0.01 | Aug 14, 2001 | Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords. |