Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0994

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0994
Last Modified 31 Aug 2013 12:27:17
Published 03 Feb 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0994

Summary

The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.

Vulnerable Systems

Application

  • Symantec Norton Antivirus 2.1

  • Symantec Norton Antivirus 2001

  • Symantec Norton Antivirus 2002

  • Symantec Norton Antivirus 2003

  • Symantec Norton Antivirus 2004

  • Symantec Norton Antivirus V3.0

  • Symantec Norton Internet Security 2001

  • Symantec Norton Internet Security 2002

  • Symantec Norton Internet Security 2003

  • Symantec Norton Internet Security 2004

  • Symantec Norton System Works 2001

  • Symantec Norton System Works 2002

  • Symantec Norton System Works 2003

  • Symantec Norton System Works 2004

  • Symantec Windows Liveupdate 1.70.x

  • Symantec Windows Liveupdate 1.90.x


References

BUGTRAQ - 20040112 Re: SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM

MISC - http://www.secnetops.biz/research/SRT2004-01-09-1022.txt

BUGTRAQ - 20040112 SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM

OSVDB - 3428


Last Updated: 27 May 2016 10:38:08