CVE-2018-18364
HIGHSymantec Ghost Solution Suite < 3.3 RU1 - DLL Hijacking via Untrusted Search Path
Title source: llmDescription
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.
References (2)
Core 2
Core References
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106684
Mitigation, Vendor Advisory x_refsource_confirm
https://support.symantec.com/en_US/article.SYMSA1474.html
Scores
CVSS v3
7.3
EPSS
0.0026
EPSS Percentile
49.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-426
Status
published
Products (6)
symantec/ghost_solution_suite
2.0
symantec/ghost_solution_suite
2.5
symantec/ghost_solution_suite
3.0 (6 CPE variants)
symantec/ghost_solution_suite
3.1 (7 CPE variants)
symantec/ghost_solution_suite
3.2 (8 CPE variants)
symantec/ghost_solution_suite
3.3
Published
Feb 08, 2019
Tracked Since
Feb 18, 2026