cvelistv5 - cve-2005-2759

cve-2005-2759

Vulnerability from cvelistv5

Published

2005-10-20 04:00

Modified

2024-08-07 22:45

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17268
cve@mitre.org	http://securitytracker.com/id?1015083
cve@mitre.org	http://www.idefense.com/application/poi/display?id=324&type=vulnerabilities	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/15142
cve@mitre.org	http://www.symantec.com/avcenter/security/Content/2005.10.19a.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17268
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015083
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=324&type=vulnerabilities	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15142
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2005.10.19a.html	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:45:02.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015083",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015083"
          },
          {
            "name": "20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
          },
          {
            "name": "17268",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17268"
          },
          {
            "name": "15142",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15142"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-10-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-04T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015083",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015083"
        },
        {
          "name": "20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
        },
        {
          "name": "17268",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17268"
        },
        {
          "name": "15142",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15142"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2759",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015083",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015083"
            },
            {
              "name": "20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
            },
            {
              "name": "17268",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17268"
            },
            {
              "name": "15142",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15142"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2759",
    "datePublished": "2005-10-20T04:00:00",
    "dateReserved": "2005-08-31T00:00:00",
    "dateUpdated": "2024-08-07T22:45:02.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*\", \"matchCriteriaId\": \"B2D0922A-3EA3-4BC9-9311-9DCA57338CBD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.\"}]",
      "id": "CVE-2005-2759",
      "lastModified": "2024-11-21T00:00:22.243",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-10-20T23:02:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/17268\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1015083\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/15142\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2005.10.19a.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/17268\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015083\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/15142\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.symantec.com/avcenter/security/Content/2005.10.19a.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-2759\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-10-20T23:02:00.000\",\"lastModified\":\"2024-11-21T00:00:22.243\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*\",\"matchCriteriaId\":\"B2D0922A-3EA3-4BC9-9311-9DCA57338CBD\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/17268\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015083\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/15142\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2005.10.19a.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/17268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/15142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2005.10.19a.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue. This issue is due to a failure of the application to properly utilize the PATH environment variable in a setuid-superuser binary. This vulnerability allows local attackers to gain superuser privileges, leading to complete compromise of the affected computer. This may be exploited by malicious users to execute arbitrary commands with System Administrative privileges by modifying the execution path that the component uses to locate system commands.

The vulnerability has been reported in the following versions : * version 9.0.0, 9.0.1 * version 9.0.2 (English, Japanese) * version 9.0.2 Build 5 (French, German, Italian) * version 9.0.3 (English, Japanese) * version 10.0.0, 10.0.1

2) The LiveUpdate component uses a suid command-line application to interface with the Java interpreter. This can be exploited by malicious users to execute arbitrary Java code with System Administrative privileges using the interface application.

The vulnerability has been reported in the following products: * LiveUpdate for Macintosh versions 3.0.0, 3.0.1 and 3.0.2 * LiveUpdate for Macintosh version 3.0.3 Build 5 (English) * LiveUpdate for Macintosh version 3.0.3 Build 11, 3.5.0 Build 47 * Norton AntiVirus 9.0.x, 10.0.0, 10.0.1 * Norton Personal Firewall 3.0.x, 3.1.0 * Norton Internet Security 3.0.x * Norton Utilities 8.0.x * Norton SystemWorks 3.0.x

SOLUTION: Update to the latest version via Live Update.

PROVIDED AND/OR DISCOVERED BY: The vendor credits iDEFENSE.

ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2005.10.19.html http://securityresponse.symantec.com/avcenter/security/Content/2005.10.19a.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200510-0133",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "9.0.3"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "10.0.1"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "10.0.0"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "9.0.3"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "9.0.2"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "9.0.1"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "9.0.0"
      },
      {
        "model": "antivirus for macintosh",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "symantec",
        "version": "10.0"
      },
      {
        "model": "norton utilities for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "norton system works for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "norton personal firewall for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "norton personal firewall for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "norton internet security for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "norton antivirus for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "10.9.1"
      },
      {
        "model": "liveupdate for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.5"
      },
      {
        "model": "liveupdate for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.3"
      },
      {
        "model": "liveupdate for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.2"
      },
      {
        "model": "liveupdate for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1"
      },
      {
        "model": "liveupdate for macintosh",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to DigitalMunition.com.",
    "sources": [
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ],
    "trust": 1.2
  },
  "cve": "CVE-2005-2759",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-13968",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-2759",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200510-157",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-13968",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue. This issue is due to a failure of the application to properly utilize the PATH environment variable in a setuid-superuser binary. \nThis vulnerability allows local attackers to gain superuser privileges, leading to complete compromise of the affected computer. This may\nbe exploited by malicious users to execute arbitrary commands with\nSystem Administrative privileges by modifying the execution path that\nthe component uses to locate system commands. \n\nThe vulnerability has been reported in the following versions :\n* version 9.0.0, 9.0.1\n* version 9.0.2 (English, Japanese)\n* version 9.0.2\tBuild 5\t(French, German, Italian)\n* version 9.0.3\t(English, Japanese)\n* version 10.0.0, 10.0.1\n\n2) The LiveUpdate component uses a suid command-line application to\ninterface with the Java interpreter. This can be exploited by\nmalicious users to execute arbitrary Java code with System\nAdministrative privileges using the interface application. \n\nThe vulnerability has been reported in the following products:\n* LiveUpdate for Macintosh versions 3.0.0, 3.0.1 and 3.0.2\n* LiveUpdate for Macintosh version 3.0.3 Build 5 (English)\n* LiveUpdate for Macintosh version 3.0.3 Build 11, 3.5.0 Build 47\n* Norton AntiVirus 9.0.x, 10.0.0, 10.0.1\n* Norton Personal Firewall 3.0.x, 3.1.0\n* Norton Internet Security 3.0.x\n* Norton Utilities 8.0.x\n* Norton SystemWorks 3.0.x\n\nSOLUTION:\nUpdate to the latest version via Live Update. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDEFENSE. \n\nORIGINAL ADVISORY:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.10.19.html\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.10.19a.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "db": "PACKETSTORM",
        "id": "40811"
      }
    ],
    "trust": 1.62
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2005-2759",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "15142",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "17268",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1015083",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157",
        "trust": 0.7
      },
      {
        "db": "IDEFENSE",
        "id": "20051020 SYMANTEC NORTON ANTIVIRUS LIVEUPDATE LOCAL PRIVILEGE ESCALATION",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "15143",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-13968",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "40811",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "PACKETSTORM",
        "id": "40811"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "id": "VAR-200510-0133",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:10:42.018000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
      },
      {
        "trust": 2.0,
        "url": "http://www.symantec.com/avcenter/security/content/2005.10.19a.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/15142"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015083"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/17268"
      },
      {
        "trust": 0.6,
        "url": "http://www.symantec.com/nav/nav_mac/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/414065"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com/avcenter/security/content/2005.10.19.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/414066"
      },
      {
        "trust": 0.1,
        "url": "http://www.idefense.com/application/poi/display?id=324\u0026amp;type=vulnerabilities"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5953/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/17268/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5950/"
      },
      {
        "trust": 0.1,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.10.19a.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5951/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.10.19.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5954/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5952/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5949/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5948/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "PACKETSTORM",
        "id": "40811"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "PACKETSTORM",
        "id": "40811"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-10-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "date": "2005-10-19T00:00:00",
        "db": "BID",
        "id": "15142"
      },
      {
        "date": "2005-10-19T00:00:00",
        "db": "BID",
        "id": "15143"
      },
      {
        "date": "2005-10-21T17:57:17",
        "db": "PACKETSTORM",
        "id": "40811"
      },
      {
        "date": "2005-10-20T23:02:00",
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-13968"
      },
      {
        "date": "2009-07-12T17:56:00",
        "db": "BID",
        "id": "15142"
      },
      {
        "date": "2009-07-12T17:56:00",
        "db": "BID",
        "id": "15143"
      },
      {
        "date": "2011-03-08T02:24:59.860000",
        "db": "NVD",
        "id": "CVE-2005-2759"
      },
      {
        "date": "2005-10-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "15142"
      },
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "PACKETSTORM",
        "id": "40811"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec Norton Antivirus For Macintosh DiskMountNotify Local privilege elevation vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "15143"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200510-157"
      }
    ],
    "trust": 0.9
  }
}

cve-2005-2759

Vulnerability from fkie_nvd

Published

2005-10-20 23:02

Modified

2024-11-21 00:00

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17268
cve@mitre.org	http://securitytracker.com/id?1015083
cve@mitre.org	http://www.idefense.com/application/poi/display?id=324&type=vulnerabilities	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/15142
cve@mitre.org	http://www.symantec.com/avcenter/security/Content/2005.10.19a.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17268
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015083
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=324&type=vulnerabilities	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15142
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2005.10.19a.html	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	symantec	norton_antivirus	9.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
              "matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue."
    }
  ],
  "id": "CVE-2005-2759",
  "lastModified": "2024-11-21T00:00:22.243",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-10-20T23:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17268"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015083"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15142"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-c2fp-3f9v-gjcg

Vulnerability from github

Published

2022-05-01 02:11

Modified

2022-05-01 02:11

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-2759"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-10-20T23:02:00Z",
    "severity": "HIGH"
  },
  "details": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.",
  "id": "GHSA-c2fp-3f9v-gjcg",
  "modified": "2022-05-01T02:11:26Z",
  "published": "2022-05-01T02:11:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2759"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17268"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015083"
    },
    {
      "type": "WEB",
      "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/15142"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2005-2759

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2005-2759

Aliases

CVE-2005-2759

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-2759",
    "description": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.",
    "id": "GSD-2005-2759"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-2759"
      ],
      "details": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.",
      "id": "GSD-2005-2759",
      "modified": "2023-12-13T01:20:10.814753Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-2759",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1015083",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015083"
          },
          {
            "name": "20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation",
            "refsource": "IDEFENSE",
            "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
          },
          {
            "name": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html",
            "refsource": "CONFIRM",
            "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
          },
          {
            "name": "17268",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17268"
          },
          {
            "name": "15142",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/15142"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2759"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges.  NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify.  Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2005.10.19a.html"
            },
            {
              "name": "20051020 Symantec Norton AntiVirus LiveUpdate Local Privilege Escalation",
              "refsource": "IDEFENSE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=324\u0026type=vulnerabilities"
            },
            {
              "name": "1015083",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015083"
            },
            {
              "name": "15142",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/15142"
            },
            {
              "name": "17268",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17268"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T02:24Z",
      "publishedDate": "2005-10-20T23:02Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2005-2759

Vulnerability from cvelistv5

var-200510-0133

Vulnerability from variot

cve-2005-2759

Vulnerability from fkie_nvd

ghsa-c2fp-3f9v-gjcg

Vulnerability from github

gsd-2005-2759

Vulnerability from gsd

Tags

Sightings

Nomenclature