CVE-2006-6308

Name of the Vulnerable Software and Affected Versions Symantec LiveState 7.1 Agent for Windows

Description The issue allows local users to potentially gain privileges by stopping the shstart.exe process and opening "Web Self-Service" from the system tray icon. This action opens a browser window running with elevated privileges. However, it is noted that administrator privileges may be necessary to terminate shstart.exe, which could negate the privilege escalation.

Recommendations For Symantec LiveState 7.1 Agent for Windows, consider restricting access to the system tray icon's "Web Self-Service" feature to prevent potential privilege escalation. Additionally, ensure that only authorized users have the ability to stop the shstart.exe process.