Vulnerability Details CVE-2006-1836
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.2%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/19682
- http://securityreason.com/securityalert/100
- http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html
- http://securitytracker.com/id?1015953
- http://www.securityfocus.com/archive/1/431318/100/0/threaded
- http://www.securityfocus.com/bid/17571
- http://www.vupen.com/english/advisories/2006/1386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25839
- http://secunia.com/advisories/19682
- http://securityreason.com/securityalert/100
- http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html
- http://securitytracker.com/id?1015953
- http://www.securityfocus.com/archive/1/431318/100/0/threaded
- http://www.securityfocus.com/bid/17571
- http://www.vupen.com/english/advisories/2006/1386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25839
Products affected by CVE-2006-1836
-
cpe:2.3:a:symantec:liveupdate:3.0
-
cpe:2.3:a:symantec:liveupdate:3.0.1
-
cpe:2.3:a:symantec:liveupdate:3.0.2
-
cpe:2.3:a:symantec:liveupdate:3.0.3
-
cpe:2.3:a:symantec:liveupdate:3.5
-
cpe:2.3:a:symantec:norton_antivirus:10.0
-
cpe:2.3:a:symantec:norton_antivirus:10.0.0
-
cpe:2.3:a:symantec:norton_antivirus:10.0.1
-
cpe:2.3:a:symantec:norton_antivirus:10.9.1
-
cpe:2.3:a:symantec:norton_antivirus:9.0.0
-
cpe:2.3:a:symantec:norton_antivirus:9.0.1
-
cpe:2.3:a:symantec:norton_antivirus:9.0.2
-
cpe:2.3:a:symantec:norton_antivirus:9.0.3
-
cpe:2.3:a:symantec:norton_internet_security:3.0
-
cpe:2.3:a:symantec:norton_personal_firewall:3.0
-
cpe:2.3:a:symantec:norton_personal_firewall:3.1
-
cpe:2.3:a:symantec:norton_system_works:3.0
-
cpe:2.3:a:symantec:norton_utilities:8.0