CVE-2001-1125
9.8CRITICALSymantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com
게시됨: 10/5/2001업데이트됨: 4/3/2025
설명
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
AI 분석AI 기반
영향받는 제품
symantecliveupdate
참조
- http://www.sarc.com/avcenter/security/Content/2001.10.05.htmlBroken Link
- http://www.securityfocus.com/archive/1/218717Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- http://www.securityfocus.com/bid/3403Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7235Third Party AdvisoryVDB Entry
- http://www.sarc.com/avcenter/security/Content/2001.10.05.htmlBroken Link
- http://www.securityfocus.com/archive/1/218717Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- http://www.securityfocus.com/bid/3403Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7235Third Party AdvisoryVDB Entry