CVE-2001-1125

Name of the Vulnerable Software and Affected Versions Symantec LiveUpdate versions prior to 1.6

Description The issue allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site, due to the lack of cryptography to ensure the integrity of download files.

Recommendations For Symantec LiveUpdate versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the update.symantec.com site to minimize the risk of DNS spoofing.