CVE-2003-0994
First published: Tue Feb 03 2004(Updated: )
The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Antivirus with Backup | =2001 | |
| Symantec Norton Internet Security | =2002 | |
| Symantec Norton System Works | =2002 | |
| Symantec Norton Internet Security | =2001 | |
| Symantec Norton Internet Security | =2004 | |
| Symantec Norton Internet Security | =2001 | |
| Symantec Norton Internet Security | =2003 | |
| Symantec Norton System Works | =2001 | |
| Symantec Norton Antivirus with Backup | =v3.0 | |
| Symantec Norton Antivirus with Backup | =2001 | |
| Symantec Norton Antivirus with Backup | =2002 | |
| Symantec Norton Internet Security | =2002 | |
| Symantec Norton System Works | =2003 | |
| Symantec Norton System Works | =2004 | |
| Symantec Norton Antivirus with Backup | =2002 | |
| Symantec Norton Antivirus with Backup | =2003 | |
| Symantec Norton Internet Security | =2003 | |
| Symantec LiveUpdate | =1.70.x | |
| Symantec LiveUpdate | =1.90.x | |
| Symantec Norton Antivirus with Backup | =2.1 | |
| Symantec Norton Antivirus with Backup | =2003 | |
| Symantec Norton Antivirus with Backup | =2004 | |
| Symantec Norton Internet Security | =2004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-0994?
CVE-2003-0994 is classified as a high severity vulnerability due to its potential to allow local users to gain elevated privileges.
How do I fix CVE-2003-0994?
To remediate CVE-2003-0994, users should apply the appropriate patches provided by Symantec for affected software versions.
Which software is affected by CVE-2003-0994?
CVE-2003-0994 affects Symantec products including Norton Internet Security versions 2001 to 2004, Norton Antivirus versions 2001 to 2004, and Norton SystemWorks versions 2001 to 2004.
Can CVE-2003-0994 be exploited remotely?
No, CVE-2003-0994 requires local access to the system to exploit the vulnerability.
How can I determine if I am vulnerable to CVE-2003-0994?
You can determine your vulnerability to CVE-2003-0994 by checking if you are using any of the affected Symantec software versions listed in the vulnerability description.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/symantec
- canonical/symantec norton antivirus with backup
- version/symantec norton antivirus with backup/2001
- canonical/symantec norton internet security
- version/symantec norton internet security/2002
- canonical/symantec norton system works
- version/symantec norton system works/2002
- version/symantec norton internet security/2001
- version/symantec norton internet security/2004
- version/symantec norton internet security/2003
- version/symantec norton system works/2001
- version/symantec norton antivirus with backup/v3.0
- version/symantec norton antivirus with backup/2002
- version/symantec norton system works/2003
- version/symantec norton system works/2004
- version/symantec norton antivirus with backup/2003
- canonical/symantec liveupdate
- version/symantec liveupdate/1.70.x
- version/symantec liveupdate/1.90.x
- version/symantec norton antivirus with backup/2.1
- version/symantec norton antivirus with backup/2004