 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.814309 |
| Category: | Privilege escalation |
| Title: | Norton Utilities DLL Preloading Vulnerability (SYMSA1459) - Windows |
| Summary: | Norton Utilities is prone to a local privilege escalation; vulnerability. |
| Description: | Summary: Norton Utilities is prone to a local privilege escalation vulnerability. Vulnerability Insight: The flaw exists because when an application looks to call a DLL for execution, it can accept a malicious DLL also instead. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application. Vulnerability Impact: Successful exploitation will allow a local attacker to leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. Affected Software/OS: Norton Utilities versions prior to 16.0.3.44. Solution: Update to version 16.0.3.44 or later. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-5235 BugTraq ID: 105099 http://www.securityfocus.com/bid/105099 |
| Copyright | Copyright (C) 2018 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |