var-200402-0066
Vulnerability from variot
The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges. Symantec LiveUpdate has been reported prone to a local privilege escalation vulnerability. This issue presents itself when a LiveUpdate interactive session is created. The privileges of the process, if different from the user, are not lowered. This may allow a local attacker to employ the vulnerable LiveUpdate component to spawn arbitrary executables with the privileges of the LiveUpdate process. Symantec LiveUpdate is a program used by a large number of Symantec application systems for automatic upgrades. When a non-privileged user logs in, a small window of \"there are Live Updates available, click here to run LiveUpdate\" will be displayed in the Windows task bar. If you click to run online automatic update, you will find LUALL.exe and LUCOMS~1 The .exe will run under the context of the user SYSTEM, click the Help button, and a \"LiveUpdate Help\" window will appear, click the file and open it, browse c:\windows\system32, and then you can run the cmd.exe program with SYSTEM permissions. Secure Network Operations, Inc. http://www.secnetops.com/research
Strategic Reconnaissance Team research[at]secnetops[.]com
Team Lead Contact kf[at]secnetops[.]com
Spam Contact rm -rf /@snosoft.com
Our Mission:
Secure Network Operations offers expertise in Networking, Intrusion Detection Systems (IDS), Software Security Validation, and Corporate/Private Network Security. Our mission is to facilitate a secure and reliable Internet and inter-enterprise communications infrastructure through the products and services we offer.
Basic Explanation
High Level Description : LiveUpdate allows local users to become SYSTEM What to do : run LiveUpdate and apply latest patches.
Basic Technical Details
Proof Of Concept Status : SNO has proof of concept.
Low Level Description : Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and email filtering, and remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 36 countries.
Symantec's Norton Internet Security 2004 provides essential protection from viruses, hackers, and privacy threats. This issue is similar to the issues that were uncovered in the Windows Help API by both Brett Moore and our SRT team in late 2003.
Full details available at: http://www.secnetops.biz/research/SRT2004-01-09-1022.txt and http://www.secnetops.biz/research/SRT2004-01-09-1022.jpg
Vendor Status : Symantec promptly attended to the issue and was very responsive during all phases of discovery / research and patching. Fixes are now available via LiveUpdate.
Bugtraq URL : To be assigned. CVE candidate CAN-2003-0994. Disclaimer
This advisory was released by Secure Network Operations,Inc. as a matter of notification to help administrators protect their networks against the described vulnerability. Exploit source code is no longer released in our advisories but can be obtained under contract.. Contact our sales department at sales[at]secnetops[.]com for further information on how to obtain proof of concept code.
Secure Network Operations, Inc. || http://www.secnetops.com "Embracing the future of technology, protecting you."
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200402-0066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2.1"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2001"
},
{
"model": "windows liveupdate",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.70.x"
},
{
"model": "windows liveupdate",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.90.x"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "v3.0"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton systemworks professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton systemworks professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton systemworks professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton systemworks professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20036.0.4.34"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20020"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20020"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20010"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20030"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20020"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20010"
},
{
"model": "liveupdate",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.9"
},
{
"model": "liveupdate",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.8"
},
{
"model": "liveupdate",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.7"
},
{
"model": "antivirus for handhelds",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.0.194"
},
{
"model": "antivirus for handhelds",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.6"
},
{
"model": "liveupdate",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "java liveupdate",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "9401"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secure Network Operations\u203b research@secnetops.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0994",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2003-0994",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-7819",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0994",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200402-002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-7819",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7819"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges. Symantec LiveUpdate has been reported prone to a local privilege escalation vulnerability. This issue presents itself when a LiveUpdate interactive session is created. The privileges of the process, if different from the user, are not lowered. This may allow a local attacker to employ the vulnerable LiveUpdate component to spawn arbitrary executables with the privileges of the LiveUpdate process. Symantec LiveUpdate is a program used by a large number of Symantec application systems for automatic upgrades. When a non-privileged user logs in, a small window of \\\"there are Live Updates available, click here to run LiveUpdate\\\" will be displayed in the Windows task bar. If you click to run online automatic update, you will find LUALL.exe and LUCOMS~1 The .exe will run under the context of the user SYSTEM, click the Help button, and a \\\"LiveUpdate Help\\\" window will appear, click the file and open it, browse c:\\windows\\system32, and then you can run the cmd.exe program with SYSTEM permissions. Secure Network Operations, Inc. http://www.secnetops.com/research\nStrategic Reconnaissance Team research[at]secnetops[.]com\nTeam Lead Contact kf[at]secnetops[.]com\nSpam Contact\t\t\t\t `rm -rf /`@snosoft.com\n\nOur Mission:\n************************************************************************\nSecure Network Operations offers expertise in Networking, Intrusion \nDetection Systems (IDS), Software Security Validation, and \nCorporate/Private Network Security. Our mission is to facilitate a \nsecure and reliable Internet and inter-enterprise communications \ninfrastructure through the products and services we offer. \n\n\nBasic Explanation\n************************************************************************\nHigh Level Description : LiveUpdate allows local users to become SYSTEM\nWhat to do : run LiveUpdate and apply latest patches. \n\n\nBasic Technical Details\n************************************************************************\nProof Of Concept Status : SNO has proof of concept. \n\nLow Level Description : Symantec, the world leader in Internet security \ntechnology, provides a broad range of content and network security \nsoftware and appliance solutions to individuals, enterprises and service \nproviders. The company is a leading provider of client, gateway and server \nsecurity solutions for virus protection, firewall and virtual private \nnetwork, vulnerability management, intrusion detection, Internet content \nand email filtering, and remote management technologies and security \nservices to enterprises and service providers around the world. Symantec\u0027s \nNorton brand of consumer security products is a leader in worldwide retail \nsales and industry awards. Headquartered in Cupertino, Calif., Symantec \nhas worldwide operations in 36 countries. \n\nSymantec\u0027s Norton Internet Security 2004 provides essential protection \nfrom viruses, hackers, and privacy threats. This issue\nis similar to the issues that were uncovered in the Windows Help API by \nboth Brett Moore and our SRT team in late 2003. \n\nFull details available at:\nhttp://www.secnetops.biz/research/SRT2004-01-09-1022.txt and\nhttp://www.secnetops.biz/research/SRT2004-01-09-1022.jpg\n\nVendor Status : Symantec promptly attended to the issue and \nwas very responsive during all phases of discovery / research and patching. \nFixes are now available via LiveUpdate. \n\nBugtraq URL : To be assigned. CVE candidate CAN-2003-0994. \nDisclaimer\n----------------------------------------------------------------------\nThis advisory was released by Secure Network Operations,Inc. as a matter\nof notification to help administrators protect their networks against\nthe described vulnerability. Exploit source code is no longer released\nin our advisories but can be obtained under contract.. Contact our sales \ndepartment at sales[at]secnetops[.]com for further information on how to \nobtain proof of concept code. \n\n----------------------------------------------------------------------\nSecure Network Operations, Inc. || http://www.secnetops.com\n\"Embracing the future of technology, protecting you.\"\n\n\n \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0994"
},
{
"db": "BID",
"id": "9401"
},
{
"db": "VULHUB",
"id": "VHN-7819"
},
{
"db": "PACKETSTORM",
"id": "32501"
}
],
"trust": 1.35
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7819",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7819"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0994",
"trust": 2.1
},
{
"db": "OSVDB",
"id": "3428",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040112 RE: SRT2004-01-9-1022 - SYMANTEC LIVEUPDATE ALLOWS LOCAL USERS TO BECOME SYSTEM",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040112 SRT2004-01-9-1022 - SYMANTEC LIVEUPDATE ALLOWS LOCAL USERS TO BECOME SYSTEM",
"trust": 0.6
},
{
"db": "BID",
"id": "9401",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "32501",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-7819",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7819"
},
{
"db": "BID",
"id": "9401"
},
{
"db": "PACKETSTORM",
"id": "32501"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"id": "VAR-200402-0066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7819"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:09:00.382000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.secnetops.biz/research/srt2004-01-09-1022.txt"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-january/015510.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3428"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=107393473928245\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107393473928245\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/349782"
},
{
"trust": 0.3,
"url": "/archive/1/349521"
},
{
"trust": 0.1,
"url": "http://www.secnetops.com,"
},
{
"trust": 0.1,
"url": "http://www.secnetops.com/research"
},
{
"trust": 0.1,
"url": "http://www.secnetops.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0994"
},
{
"trust": 0.1,
"url": "http://symantec.com/techsupp/files/lu/lu.html"
},
{
"trust": 0.1,
"url": "http://www.secnetops.biz/research/srt2004-01-09-1022.jpg"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7819"
},
{
"db": "BID",
"id": "9401"
},
{
"db": "PACKETSTORM",
"id": "32501"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-7819"
},
{
"db": "BID",
"id": "9401"
},
{
"db": "PACKETSTORM",
"id": "32501"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-7819"
},
{
"date": "2004-01-12T00:00:00",
"db": "BID",
"id": "9401"
},
{
"date": "2004-01-12T15:22:00",
"db": "PACKETSTORM",
"id": "32501"
},
{
"date": "2004-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"date": "2004-02-03T05:00:00",
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-7819"
},
{
"date": "2009-07-12T00:56:00",
"db": "BID",
"id": "9401"
},
{
"date": "2006-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-002"
},
{
"date": "2016-10-18T02:38:57.927000",
"db": "NVD",
"id": "CVE-2003-0994"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "9401"
},
{
"db": "PACKETSTORM",
"id": "32501"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec LiveUpdate Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "BID",
"id": "9401"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-002"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.