Symantec LiveUpdate Directory...

Published: 2004-11-05
Revised: 2025-04-13

Symantec LiveUpdate is reported prone to a directory traversal vulnerability. The application reportedly decompresses a directory tree without sufficiently validating directory names.

To carry out this attack, an attacker must set up a malicious server and then use a redirection attack, such as DNS cache poisoning, to force LiveUpdate to download malicious archives from that server.

Reportedly, existing files on a vulnerable computer cannot be overwritten through this vulnerability. The vendor has reported that a size restriction on files extracted and copied to an affected file system may reduce the impact of this issue by making it impossible to download malicious binary applications.

LiveUpdate versions 1.80.19.0 and 2.5.56.0 were reportedly affected by this issue. It is likely that other versions are affected as well.
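The missing control described above is validation of archive member names before anything is written. The following is an added defensive example, not Symantec's code: it assumes a ZIP archive and a hypothetical per-file size cap (`MAX_MEMBER_SIZE`), checks every member name first, and never overwrites an existing file.

```python
import io
import tempfile
import zipfile
from pathlib import Path

MAX_MEMBER_SIZE = 64 * 1024  # assumed per-file cap, not a value from the advisory

class UnsafeArchive(Exception):
    """Raised when an archive member must not be extracted."""

def member_target(dest: Path, name: str) -> Path:
    """Map an archive member name to a path under dest, or raise."""
    norm = name.replace("\\", "/")  # Windows accepts both separators
    parts = [p for p in norm.split("/") if p not in ("", ".")]
    if not parts or norm.startswith("/") or ".." in parts or ":" in parts[0]:
        raise UnsafeArchive(f"rejected member name: {name!r}")
    root = dest.resolve()
    target = root.joinpath(*parts).resolve()  # also follows symlinks under dest
    if root not in target.parents:
        raise UnsafeArchive(f"escapes destination: {name!r}")
    return target

def safe_extract(data: bytes, dest: Path, max_size: int = MAX_MEMBER_SIZE) -> list:
    """Validate every member first, then write; never overwrite a file."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        plan = []
        for info in zf.infolist():
            if info.file_size > max_size:
                raise UnsafeArchive(f"member too large: {info.filename!r}")
            plan.append((info, member_target(dest, info.filename)))
        written = []
        for info, target in plan:
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "xb") as out:  # "x" fails if present
                out.write(src.read(max_size))
            written.append(target)
        return written

def make_zip(members: dict) -> bytes:
    """Build a constructed in-memory archive {name: bytes} for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(safe_extract(make_zip({"defs/update.txt": b"ok"}), Path(d)))
```

Name validation of this kind complements, and does not replace, authenticating the update source, since the attack relies on redirecting the client to a malicious server.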

No exploit or PoC is currently available.
There are currently 0 affected product entries.