Vulnerabilities > CVE-2001-1126 - Unspecified vulnerability in Symantec Liveupdate 1.4/1.5/1.6

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
symantec

Summary

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.

Vulnerable Configurations

Part Description Count
Application
Symantec
3