hello, we've found local privilege escalation in Symantec LiveState agent. PoC: 1. kill shstart.exe process 2. from symantec livestate agent icon in systray choose "Web Self-Service" 3. New browser window will open, it is running with SYSTEM privileges. tested on fully patched Win XP SP2, Symantec LiveState agent 7.1 Credits: marc & shb -- http://ssteam.ath.cx
