{ "id": "CVE-2003-0994", "sourceIdentifier": "cve@mitre.org", "published": "2004-02-03T05:00:00.000", "lastModified": "2016-10-18T02:38:57.927", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges." }, { "lang": "es", "value": "La funcionalidad gui para una sesi\u00f3n interactiva en ymantec LiveUpdate 1.70.x hasta la 1.90.x (usadas en Norton Internet Security 2001 hasta 2004, SystemWorks 2001 hasta 2004, y AntiVirus y Norton AntiVirus Pro 2001 hasta 2004, AntiVirus for Handhelds v3.0) permite que usuarios locales obtengan privilegios SYSTEM." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2 }, "baseSeverity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*", "matchCriteriaId": "A9415109-C554-40F6-851E-CC016951BDF8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2001:*:*:*:*:*:*:*", "matchCriteriaId": "19595AF4-8C85-4646-B42B-4B5863798AB0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2001:*:pro:*:*:*:*:*", "matchCriteriaId": "532CF7E7-2F8A-4AC2-91F4-C8D35B8943EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2002:*:*:*:*:*:*:*", "matchCriteriaId": "8F6F3B3C-7C60-4A38-91F0-E09148DB4FD2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2002:*:pro:*:*:*:*:*", "matchCriteriaId": "BFFF5F92-2CB6-4155-91AA-B80476509376" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*", "matchCriteriaId": "34B1D862-2CB4-4D50-9BBA-0507FEAA1924" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:pro:*:*:*:*:*", "matchCriteriaId": "C1538C84-EB7B-407C-9B05-27B9B0A10F16" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:pro:*:*:*:*:*", "matchCriteriaId": "486AF3E7-B5EC-49D2-9822-0F8E152DEDCF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_antivirus:v3.0:*:handhelds:*:*:*:*:*", "matchCriteriaId": "7980AED6-1CB7-46C0-AD67-238B4A18060B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2001:*:*:*:*:*:*:*", "matchCriteriaId": "2D2C8E23-852E-4715-9D8D-18F26B1263A0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2001:*:pro:*:*:*:*:*", "matchCriteriaId": "DBF82809-CE59-4B2A-89C0-FB1AF760704E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*", "matchCriteriaId": "F05FEBA2-33E8-4074-8B57-4FE6FFEF2F32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*", "matchCriteriaId": "A5FA0458-AB41-495E-B41F-C18B4E6876CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*", "matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*", "matchCriteriaId": "1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*", "matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*", "matchCriteriaId": "D7875372-44D7-47AB-8F8C-4A3AB98FB3B6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_system_works:2001:*:*:*:*:*:*:*", "matchCriteriaId": "B37463FB-DA25-43F4-BB92-50354DF5A8C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_system_works:2002:*:*:*:*:*:*:*", "matchCriteriaId": "4BCEEC08-41F6-423A-B845-541227B64CD1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_system_works:2003:*:*:*:*:*:*:*", "matchCriteriaId": "A4C31257-E62D-495D-9F7B-09D234B7BF64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*", "matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:windows_liveupdate:1.70.x:*:*:*:*:*:*:*", "matchCriteriaId": "6118EFBA-C50B-4790-B301-5B996F759105" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec:windows_liveupdate:1.90.x:*:*:*:*:*:*:*", "matchCriteriaId": "247F0A9D-E8E4-484A-99AA-4368B84F702B" } ] } ] } ], "references": [ { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-January/015510.html", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=107393473928245&w=2", "source": "cve@mitre.org" }, { "url": "http://www.secnetops.biz/research/SRT2004-01-09-1022.txt", "source": "cve@mitre.org" } ] }