1. Home
  2. CVE Database
  3. CVE-2005-2766
LOW · 2.1

CVE-2005-2766

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.L...

Vulnerability Description

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SymantecNorton Antivirus9.0.1.1.1000

References

FAQ

What is CVE-2005-2766?

CVE-2005-2766 is a vulnerability with a CVSS score of 2.1 (LOW). Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.L...

How severe is CVE-2005-2766?

CVE-2005-2766 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2766?

Check the references section above for vendor advisories and patch information. Affected products include: Symantec Norton Antivirus.