Symantec LiveUpdate Administrator Lets Local Users Gain Elevated Privileges .
Version(s): 2.3 and prior versions
Users Gain Elevated Privileges
A vulnerability was reported in Symantec LiveUpdate Administrator. A local user can obtain elevated privileges on the target system.The default installation of Symantec LiveUpdate Administrator installs files with full control privileges granted to the 'Everyone' group.A local user can exploit this flaw to read arbitrary files with System privileges and potentially execute arbitrary code on the target system with System privileges.
A local user can obtain System privileges on the target system.
The vendor has issued a fix (2.3.1).