CVE-2018-5238
Published: Aug 22, 2018
Modified: Sep 17, 2024
Description
Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
| Vendor | Product | Versions |
|---|---|---|
Symantec Corporation | Norton Power Eraser | affected Prior to 5.3.0.24 |
Symantec Corporation | SymDiag | affected Prior to 2.1.242 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now