CVE-2012-0304

Currently unrated

Key Information:

Vendor: Symantec
Status: Liveupdate Administrator
Vendor: CVE Published:; 22 June 2012

Summary

Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.

References

http://www.securitytracker.com/id?1027182

vdb-entryx_refsource_SECTRACK

http://www.nessus.org/plugins/index.php?view=single&id=59193

x_refsource_MISC

http://www.securityfocus.com/bid/53903

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 22, 2012
Vulnerability Reserved
Jan 4, 2012