Lucene search

[email protected]CVE-2006-1836

HistoryApr 19, 2006 - 4:06 p.m.

CVE-2006-1836

2006-04-1916:06:00

[email protected]

web.nvd.nist.gov

symantec

liveupdate

macintosh

vulnerability

privilege escalation

nvd

cve-2006-1836

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.

Affected configurations

NVD

Node

symantecliveupdateMatch3.0macintosh

symantecliveupdateMatch3.0.1macintosh

symantecliveupdateMatch3.0.2macintosh

symantecliveupdateMatch3.0.3macintosh

symantecliveupdateMatch3.5macintosh

symantecnorton_antivirusMatch9.0.0macintosh

symantecnorton_antivirusMatch9.0.1macintosh

symantecnorton_antivirusMatch9.0.2macintosh

symantecnorton_antivirusMatch9.0.3macintosh

symantecnorton_antivirusMatch10.0macintosh

symantecnorton_antivirusMatch10.0.0macintosh

symantecnorton_antivirusMatch10.0.1macintosh

symantecnorton_antivirusMatch10.9.1macintosh

symantecnorton_internet_securityMatch3.0macintosh

symantecnorton_personal_firewallMatch3.0macintosh

symantecnorton_personal_firewallMatch3.1macintosh

symantecnorton_system_worksMatch3.0macintosh

symantecnorton_utilitiesMatch8.0macintosh

CPENameOperatorVersion
symantec:liveupdatesymantec liveupdateeq3.0
symantec:liveupdatesymantec liveupdateeq3.0.1
symantec:liveupdatesymantec liveupdateeq3.0.2
symantec:liveupdatesymantec liveupdateeq3.0.3
symantec:liveupdatesymantec liveupdateeq3.5
symantec:norton_antivirussymantec norton antiviruseq9.0.0
symantec:norton_antivirussymantec norton antiviruseq9.0.1
symantec:norton_antivirussymantec norton antiviruseq9.0.2
symantec:norton_antivirussymantec norton antiviruseq9.0.3
symantec:norton_antivirussymantec norton antiviruseq10.0

CPE	Name	Operator	Version
symantec:liveupdate	symantec liveupdate	eq	3.0
symantec:liveupdate	symantec liveupdate	eq	3.0.1
symantec:liveupdate	symantec liveupdate	eq	3.0.2
symantec:liveupdate	symantec liveupdate	eq	3.0.3
symantec:liveupdate	symantec liveupdate	eq	3.5
symantec:norton_antivirus	symantec norton antivirus	eq	9.0.0
symantec:norton_antivirus	symantec norton antivirus	eq	9.0.1
symantec:norton_antivirus	symantec norton antivirus	eq	9.0.2
symantec:norton_antivirus	symantec norton antivirus	eq	9.0.3
symantec:norton_antivirus	symantec norton antivirus	eq	10.0

Rows per page:

1-10 of 181

References

secunia.com/advisories/19682

securityreason.com/securityalert/100

securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html

securitytracker.com/id?1015953

www.securityfocus.com/archive/1/431318/100/0/threaded

www.securityfocus.com/bid/17571

www.vupen.com/english/advisories/2006/1386

exchange.xforce.ibmcloud.com/vulnerabilities/25839

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2006-1836

cvelist1 prion1 nvd1