CVE-2018-5238
N/A
N/A
Summary
Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Symantec Corporation | Norton Power Eraser | Prior to 5.3.0.24 | affected |
| Symantec Corporation | SymDiag | Prior to 2.1.242 | affected |
Weaknesses
- DLL Preloading
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.