CVE-2003-0994

Name of the Vulnerable Software and Affected Versions Symantec LiveUpdate versions 1.70.x through 1.90.x Norton Internet Security versions 2001 through 2004 SystemWorks versions 2001 through 2004 Norton AntiVirus Pro versions 2001 through 2004 AntiVirus for Handhelds version v3.0

Description The issue allows local users to gain SYSTEM privileges due to a problem in the GUI functionality for an interactive session in Symantec LiveUpdate.

Recommendations For Symantec LiveUpdate versions 1.70.x through 1.90.x, consider restricting access to the GUI functionality for an interactive session until a fix is available. For Norton Internet Security versions 2001 through 2004, SystemWorks versions 2001 through 2004, and Norton AntiVirus Pro versions 2001 through 2004, restrict the use of the affected Symantec LiveUpdate component to minimize the risk of exploitation. For AntiVirus for Handhelds version v3.0, avoid using the affected Symantec LiveUpdate functionality until the issue is resolved.