CVE-2001-1126

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.

Published: Oct 5, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-1126
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / liveupdate	1.5	1.5.x
symantec / liveupdate	1.6	1.6.x
symantec / liveupdate	1.4	1.4.x

http://www.sarc.com/avcenter/security/Content/2001.10.05.html
http://www.securityfocus.com/archive/1/218717
http://www.securityfocus.com/bid/3413
https://exchange.xforce.ibmcloud.com/vulnerabilities/7235

Vulnerability Database

289,697

CVE-2001-1126