Vulnerability in Symantec Liveupdate
CVE-2006-1836
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
EPSS: 0.004 (30.6th percentile) — read the EPSS interpretation.
Affected products
- Symantec Liveupdate — versions 3.0, 3.0.1, 3.0.2
- Symantec Norton_antivirus — versions 9.0.0, 9.0.1, 9.0.2
- Symantec Norton_internet_security — versions 3.0
- Symantec Norton_personal_firewall — versions 3.0, 3.1
- Symantec Norton_system_works — versions 3.0
- Symantec Norton_utilities — versions 8.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)