Vulnerabilities > Symantec > Liveupdate > 1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-06-25 | CVE-2002-0344 | Unspecified vulnerability in Symantec Liveupdate 1.0/1.4/1.5 Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | 5.0 |
2001-10-05 | CVE-2001-1126 | Unspecified vulnerability in Symantec Liveupdate 1.4/1.5/1.6 Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | 5.0 |
2001-10-05 | CVE-2001-1125 | Download of Code Without Integrity Check vulnerability in Symantec Liveupdate 1.0/1.4/1.5 Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site. | 9.8 |