CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0217

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.4%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 3.7

References

http://marc.info/?l=bugtraq&m=107694800908164&w=2
http://www.securityfocus.com/bid/9662
https://exchange.xforce.ibmcloud.com/vulnerabilities/15215
http://marc.info/?l=bugtraq&m=107694800908164&w=2
http://www.securityfocus.com/bid/9662
https://exchange.xforce.ibmcloud.com/vulnerabilities/15215

Products affected by CVE-2004-0217

Symantec » Antivirus Scan Engine » Version: 4.0

cpe:2.3:a:symantec:antivirus_scan_engine:4.0
Symantec » Antivirus Scan Engine » Version: 4.3

cpe:2.3:a:symantec:antivirus_scan_engine:4.3
Redhat » Linux » Version: N/A

cpe:2.3:o:redhat:linux:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0217

Products

Pricing

Contact Us