Untrusted Search Path Vulnerability in Symantec LiveUpdate for Macintosh
CVE-2006-1836

Currently unrated

Key Information:

Vendor: Symantec
Status: Liveupdate; Norton Antivirus; Norton Personal Firewall; Norton System Works
Vendor: CVE Published:; 19 April 2006

Summary

An untrusted search path vulnerability exists in Symantec LiveUpdate for Macintosh versions 3.0.0 through 3.5.0. This vulnerability allows local users to exploit the execution path settings leading to privilege escalation via a Trojan horse program. When the untrusted components are executed, they can enable attackers to gain higher privileges within the affected system, potentially compromising user data and system integrity.

References

http://securityreason.com/securityalert/100

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/17571

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2006/1386

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 19, 2006
Vulnerability Reserved
Apr 19, 2006