Описание
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
Ссылки
- ExploitMailing List
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing List
- Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00134
Низкий
7 High
CVSS3
3.7 Low
CVSS2
Дефекты
CWE-59
Связанные уязвимости
CVSS3: 7
github
больше 3 лет назад
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
EPSS
Процентиль: 34%
0.00134
Низкий
7 High
CVSS3
3.7 Low
CVSS2
Дефекты
CWE-59