RSS   Vulnerabilities for 'Liveupdate administrator'   RSS

2014-03-28
 
CVE-2014-1645

CWE-89
 

 
SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

 
 
CVE-2014-1644

CWE-255
 

 
The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by providing the e-mail address associated with a user account.

 
2012-06-22
 
CVE-2012-0304

CWE-264
 

 
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.

 
2011-03-28
 
CVE-2011-1524

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the username field, as demonstrated by injecting an IFRAME element into the event log, a different vulnerability than CVE-2011-0545.

 
 
CVE-2011-0545

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter.

 

 >>> Vendor: Symantec 241 Products
JAVA
Mail-gear
Raptor firewall
Norton antivirus
Pcanywhere
Norton utilities
I-gear
Liveupdate
Norton ghost
Enterprise firewall
Velociraptor
Gateway security
Norton internet security
Norton personal firewall
Backup exec
Firewall vpn appliance 100
Firewall vpn appliance 200
Firewall vpn appliance 200r
Sygate personal firewall
Security check
Norton system works
Windows liveupdate
VXFS
Proxysg
Clientless vpn gateway 4400
Gateway security 5400
Antivirus scan engine
Norton antispam
Gateway security 5300
Client firewall
Client security
Brightmail antispam
Nexland isb soho firewall appliance
Nexland pro100 firewall appliance
Nexland pro400 firewall appliance
Nexland pro800 firewall appliance
Nexland pro800turbo firewall appliance
Nexland wavebase firewall appliance
Gateway security 320
Gateway security 360
Gateway security 360r
On command ccm
On icommand
Security check virus detection
Powerquest deploycenter
Web security
Mail security
Sav filter domino nt ports
Sav filter for domino nt
Gateway security 460
Symav filter domino nt
Deployment solution
Reporter
Netbackup enterprise server
Netbackup server
Antivirus scan engine for network attached storage
Antivirus
Discovery
On command discovery
Gateway security 300
Gateway security 400
Gateway security 5000 series
Gateway security 5100
Gateway security 5310
Sygate management server
Ghost solutions suite
Security information manager
On-demand agent
On-demand protection
Enterprise security manager
Host ids
Scan engine
Veritas netbackup client
Veritas netbackup enterprise server
Veritas netbackup server
Naveng driver
Navex15 driver
Sygate network access control
Network access control
Automated support assistant
Livestate agent for windows
Symantec antivirus filtering +for domino
Mail security 8820 appliance
Veritas volume replicator
Norton 360
Veritas storage foundation
Backupexec system recovery
Livestate recovery
Norton save and recovery
Reporting server
Veritas backup exec
Altiris deployment solution
Mail security appliance
Backup exec for windows server
Symantec antivirus clearswift
Symantec antivirus filtering domino mpe
Symantec antivirus messaging
Symantec antivirus microsoft sharepoint
Symantec antivirus ms isa
Symantec antivirus network attached storage
See all Products for Vendor Symantec


Copyright 2024, cxsecurity.com

 

Back to Top