7.3

CVE-2018-18364

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.

Data is provided by the National Vulnerability Database (NVD)
SymantecGhost Solution Suite Version3.0 Updatehf1
SymantecGhost Solution Suite Version3.0 Updatehf2
SymantecGhost Solution Suite Version3.0 Updatehf3
SymantecGhost Solution Suite Version3.0 Updatehf4
SymantecGhost Solution Suite Version3.0 Updatehf5
SymantecGhost Solution Suite Version3.1 Updatemp1
SymantecGhost Solution Suite Version3.1 Updatemp2
SymantecGhost Solution Suite Version3.1 Updatemp3
SymantecGhost Solution Suite Version3.1 Updatemp4
SymantecGhost Solution Suite Version3.1 Updatemp5
SymantecGhost Solution Suite Version3.1 Updatemp6
SymantecGhost Solution Suite Version3.2 Updateru1
SymantecGhost Solution Suite Version3.2 Updateru2
SymantecGhost Solution Suite Version3.2 Updateru3
SymantecGhost Solution Suite Version3.2 Updateru4
SymantecGhost Solution Suite Version3.2 Updateru5
SymantecGhost Solution Suite Version3.2 Updateru6
SymantecGhost Solution Suite Version3.2 Updateru7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.26% 0.491
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.3 1.3 5.9
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6 6.8 6.4
AV:N/AC:M/Au:S/C:P/I:P/A:P
CWE-426 Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.