CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 1CVE-2002-0344
https://notcve.org/view.php?id=CVE-2002-0344
03 May 2002 — Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. • http://marc.info/?l=bugtraq&m=101466781122312&w=2 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2001-1125
https://notcve.org/view.php?id=CVE-2001-1125
05 Oct 2001 — Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. • http://www.sarc.com/avcenter/security/Content/2001.10.05.html • CWE-494: Download of Code Without Integrity Check •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2001-1126
https://notcve.org/view.php?id=CVE-2001-1126
05 Oct 2001 — Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. • http://www.sarc.com/avcenter/security/Content/2001.10.05.html •