Untrusted Search Path Vulnerability in Symantec LiveUpdate for Macintosh
CVE-2006-1836

Currently unrated

Key Information:

Vendor: Symantec
Status: Liveupdate; Norton Antivirus; Norton Personal Firewall; Norton System Works
Vendor: CVE Published:; 19 April 2006

What is CVE-2006-1836?

An untrusted search path vulnerability exists in Symantec LiveUpdate for Macintosh versions 3.0.0 through 3.5.0. This vulnerability allows local users to exploit the execution path settings leading to privilege escalation via a Trojan horse program. When the untrusted components are executed, they can enable attackers to gain higher privileges within the affected system, potentially compromising user data and system integrity.

References

http://securityreason.com/securityalert/100

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/17571

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2006/1386

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 19, 2006
Vulnerability Reserved
Apr 19, 2006