Symlink Vulnerability in Symantec AntiVirus for Red Hat Linux
CVE-2004-0217

7HIGH

Key Information:

Vendor: Symantec
Status: Antivirus Scan Engine
Vendor: CVE Published:; 15 April 2004

What is CVE-2004-0217?

The LiveUpdate feature in the Symantec AntiVirus Scan Engine versions 4.0 and 4.3 for Red Hat Linux contains a vulnerability that allows local users to exploit symlink functionalities. By manipulating the /tmp/LiveUpdate.log file through a symlink attack, unauthorized users can create or append data to arbitrary files, potentially compromising system integrity and security.