DLL Preloading Vulnerability in Norton Remove & Reinstall by Symantec
CVE-2017-13676

7HIGH

Key Information:

Vendor: Symantec Corporation
Status: Norton Remove & Reinstall
Vendor: CVE Published:; 28 September 2017

🔔 Create Symantec Corporation Vulnerability Alert

What is CVE-2017-13676?

Norton Remove & Reinstall has a DLL preloading vulnerability that could allow an attacker to execute a malicious DLL. This occurs when the application fails to adequately validate the source of the DLL it uses, enabling an attacker to place a harmful DLL in the application's directory. When the application seeks to load the DLL, it inadvertently loads the malicious version instead. To mitigate this vulnerability, users are urged to update to Norton Remove & Reinstall version 4.4.0.58 or later, which fixes the issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Norton Remove & Reinstall Prior to 4.4.0.58

References

https://www.symantec.com/security_response/securityupdate...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/100939

vdb-entryx_refsource_BID

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 28, 2017
Vulnerability Reserved
Aug 24, 2017

JSON

Symantec Corporation

What is CVE-2017-13676?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.