PT-2019-9585 · Symantec · Sep+3
Publicado
2019-04-25
·
Atualizado
2019-05-02
·
CVE-2018-18369
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Norton Security (Windows client) versions prior to 22.16.3
SEP SBE (Windows client) versions prior to Cloud Agent 3.00.31.2817
NIS versions prior to 22.15.2.22
SEP versions prior to 12.1.7484.7002
Description
The issue is related to a DLL Preloading vulnerability. This type of vulnerability occurs when an application attempts to call a DLL for execution, and an attacker provides a malicious DLL to use instead.
Recommendations
For Norton Security (Windows client) versions prior to 22.16.3, update to version 22.16.3 or later.
For SEP SBE (Windows client) versions prior to Cloud Agent 3.00.31.2817, update to Cloud Agent 3.00.31.2817 or later.
For NIS versions prior to 22.15.2.22, update to version 22.15.2.22 or later.
For SEP versions prior to 12.1.7484.7002, update to version 12.1.7484.7002 or later.
Correção
Untrusted Search Path
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nis
Norton Security
Sep
Sep Sbe