CVE-2005-2766

Published: Sep 2, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server.

Affected (2)

Products: Symantec: Norton Antivirus

Symantec

1 product

Norton Antivirus

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Symantec Norton Antivirus	Version 9.0.1.1.1000
Symantec Norton Antivirus	Version 9.0.4

References (2)

http://marc.info/?l=bugtraq&m=112552401413998&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=112552401413998&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.