Vulnerability in Symantec Norton_utilities
CVE-2018-5235
Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use inste…
EPSS: 0.004 (30.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Symantec Norton_utilities
- Symantec Corporation Norton Utilities — versions Prior to 16.0.3.44
Weakness classification (CWE)
References
- secure@symantec.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- secure@symantec.com (x_refsource_CONFIRM, Mitigation, Vendor Advisory)
Frequently asked questions
- What is CVE-2018-5235?
- CVE-2018-5235 is a medium-severity vulnerability in Symantec Norton_utilities, classified under Uncontrolled Search Path Element. CVSS score: 6.0/10. Published 2018-08-22.
- How severe is CVE-2018-5235?
- Medium severity. CVSS v3 base score is 6.0 out of 10.