symantec norton-utilities CVE-2018-5235 is a vulnerability in Symantec Norton Utilities
Published on August 22, 2018

Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.

NVD


Products Associated with CVE-2018-5235

Want to know whenever a new CVE is published for Symantec Norton Utilities? stack.watch will email you.

Symantec Norton Utilities
 

Affected Versions

Symantec Corporation Norton Utilities Version Prior to 16.0.3.44 is affected by CVE-2018-5235

Exploit Probability

EPSS
0.16%
Percentile
36.21%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.