|Title:||Norton Utilities DLL Preloading Vulnerability (Windows)|
|Summary:||This host is running Norton Utilities; and is prone to local privilege-escalation vulnerability|
This host is running Norton Utilities
and is prone to local privilege-escalation vulnerability
The flaw exists because when an application
looks to call a DLL for execution, it can accept a malicious DLL also instead.
The vulnerability can be exploited by a simple file write (or potentially an
over-write) which results in a foreign DLL running under the context of the
Successful exploitation will allow a local
attacker to leverage this issue to execute arbitrary code in the context of
the affected application. Failed exploit attempts will result in a denial of
Norton Utilities versions prior to 126.96.36.199
Upgrade to version 188.8.131.52. For updates
refer to Reference links.
Common Vulnerability Exposure (CVE) ID: CVE-2018-5235|
BugTraq ID: 105099
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 72306 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.