Page 5 of 36 results (0.004 seconds)

CVSS: 7.2EPSS: %CPEs: 1EXPL: 0

** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue. • http://secunia.com/advisories/17268 http://securitytracker.com/id?1015083 http://www.idefense.com/application/poi/display?id=324&type=vulnerabilities http://www.securityfocus.com/bid/15142 http://www.symantec.com/avcenter/security/Content/2005.10.19a.html •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server. • http://marc.info/?l=bugtraq&m=112552401413998&w=2 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540. • http://www.idefense.com/application/poi/display?id=298&type=vulnerabilities http://www.symantec.com/avcenter/security/Content/2005.08.24.html •

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. • http://secunia.com/advisories/14741 http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html http://securitytracker.com/id?1013585 http://securitytracker.com/id?1013586 http://securitytracker.com/id?1013587 http://www.kb.cert.org/vuls/id/713620 http://www.securityfocus.com/bid/12924 •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. • http://secunia.com/advisories/14741 http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html http://securitytracker.com/id?1013585 http://securitytracker.com/id?1013586 http://securitytracker.com/id?1013587 http://www.kb.cert.org/vuls/id/146020 http://www.securityfocus.com/bid/12923 •