Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.814309
Kategorie:Privilege escalation
Titel:Norton Utilities DLL Preloading Vulnerability (Windows)
Zusammenfassung:This host is running Norton Utilities; and is prone to local privilege-escalation vulnerability
Beschreibung:Summary:
This host is running Norton Utilities
and is prone to local privilege-escalation vulnerability

Vulnerability Insight:
The flaw exists because when an application
looks to call a DLL for execution, it can accept a malicious DLL also instead.
The vulnerability can be exploited by a simple file write (or potentially an
over-write) which results in a foreign DLL running under the context of the
application.

Vulnerability Impact:
Successful exploitation will allow a local
attacker to leverage this issue to execute arbitrary code in the context of
the affected application. Failed exploit attempts will result in a denial of
service condition.

Affected Software/OS:
Norton Utilities versions prior to 16.0.3.44

Solution:
Upgrade to version 16.0.3.44. Please see the references for more information.

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2018-5235
BugTraq ID: 105099
http://www.securityfocus.com/bid/105099
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.