Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1540

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1540
Last Modified 10 Sep 2008 03:14:51
Published 31 Mar 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1540

Summary

The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.

Vulnerable Systems

Application

  • Symantec Norton Antivirus Corporate 7.5

  • Symantec Norton Antivirus Corporate 7.51

  • Symantec Norton Antivirus Corporate 7.6


References

XF - nav-winhlp32-gain-privileges(10475)

OSVDB - 6258

BUGTRAQ - 20021025 RE: DH team: Norton Antivirus Corporate Edition Privilege Escalation, http://online.securityfocus.com/archive/1/296979/2002-10-22/2002-10-28/0

BUGTRAQ - 20021024 DH team: Norton Antivirus Corporate Edition Privilege Escalation


Last Updated: 27 May 2016 10:37:23