PT-2019-9585 · Symantec · Sep+3
Published
2019-04-25
·
Updated
2019-05-02
·
CVE-2018-18369
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Norton Security (Windows client) versions prior to 22.16.3
SEP SBE (Windows client) versions prior to Cloud Agent 3.00.31.2817
NIS versions prior to 22.15.2.22
SEP versions prior to 12.1.7484.7002
Description
The issue is related to a DLL Preloading vulnerability. This type of vulnerability occurs when an application attempts to call a DLL for execution, and an attacker provides a malicious DLL to use instead.
Recommendations
For Norton Security (Windows client) versions prior to 22.16.3, update to version 22.16.3 or later.
For SEP SBE (Windows client) versions prior to Cloud Agent 3.00.31.2817, update to Cloud Agent 3.00.31.2817 or later.
For NIS versions prior to 22.15.2.22, update to version 22.15.2.22 or later.
For SEP versions prior to 12.1.7484.7002, update to version 12.1.7484.7002 or later.
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nis
Norton Security
Sep
Sep Sbe