CVE-2017-2802
N/A
N/A
Summary
An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| dell | Dell | Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0 | affected |
Weaknesses
- dll hijiacking
ADP Enrichment
CVE Program Container
Additional References
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247
- http://www.securityfocus.com/bid/99360
References
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247
- http://www.securityfocus.com/bid/99360
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.