Local Privilege Escalation in Symantec LiveUpdate
CVE-2003-0994

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus; Norton Internet Security; Norton System Works; Windows Liveupdate
Vendor: CVE Published:; 3 February 2004

Summary

A vulnerability exists in the GUI functionality of Symantec LiveUpdate versions 1.70.x through 1.90.x, enabling local users to elevate their privileges to SYSTEM level. This security flaw impacts various Symantec products, including Norton Internet Security and SystemWorks, allowing unauthorized users to exploit the vulnerability for malicious purposes.

References

http://www.osvdb.org/3428

vdb-entryx_refsource_OSVDB

http://lists.grok.org.uk/pipermail/full-disclosure/2004-J...

mailing-listx_refsource_FULLDISC

http://marc.info/?l=bugtraq&m=107393473928245&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 3, 2004
Vulnerability Reserved
Dec 16, 2003