Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2759

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-2759
Last Modified 07 Mar 2011 09:24:59
Published 20 Oct 2005 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2759

Summary

** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.

Vulnerable Systems

Application

  • Symantec Norton Antivirus 9.0.3


References

CONFIRM - http://www.symantec.com/avcenter/security/Content/2005.10.19a.html

IDEFENSE - 20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation

BID - 15142

SECTRACK - 1015083

SECUNIA - 17268


Last Updated: 27 May 2016 10:40:38