The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec antivirus_scan_engine 4.0 |
||
symantec antivirus_scan_engine 4.3 |