CVE-2018-18364

7.3HIGH

Key Information:

Vendor: Symantec Corporation
Status: Ghost Solution Suite (gss)
Vendor: CVE Published:; 8 February 2019

Summary

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.

Affected Version(s)

Ghost Solution Suite (GSS) Prior to 3.3 RU1

References

http://www.securityfocus.com/bid/106684

vdb-entryx_refsource_BID

https://support.symantec.com/en_US/article.SYMSA1474.html

x_refsource_CONFIRM

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2019
Vulnerability Reserved
Oct 15, 2018