DLL Preloading Vulnerability in Norton Utilities by Symantec
CVE-2018-5235

6MEDIUM

Key Information:

Vendor
CVE Published:
22 August 2018

What is CVE-2018-5235?

Norton Utilities versions prior to 16.0.3.44 may be vulnerable to a DLL Preloading issue, allowing an attacker to substitute a malicious DLL during execution. The vulnerability arises when the application searches for a DLL to load without proper verification, potentially executing an unauthorized DLL within the application's context. This can lead to serious security implications if exploited, as it enables attackers to manipulate application behavior or escalate privileges within the affected system.

Affected Version(s)

Norton Utilities Prior to 16.0.3.44

References

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.