DLL Preloading Vulnerability in Symantec Endpoint Protection Software
CVE-2018-12245
7.8HIGH
What is CVE-2018-12245?
A vulnerability exists in Symantec Endpoint Protection software where a DLL Preloading flaw may allow an attacker to leverage the application installation process to load a malicious DLL. This occurs when the installation of the software inadvertently incorporates a DLL that has been provided by an attacker. It is important to note that this issue only affects installations through the Trialware media and does not pose a risk to systems where the software has already been deployed. Symantec has updated its software to address this vulnerability.
Affected Version(s)
Symantec Endpoint Protection (SEP) Prior to 14.2 MP1