216 matches found
Sql injection
Symantec Endpoint Protection Manager SEPM prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use...
CVE-2018-18367
CVE-2018-18367 affects Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1, with a DLL preloading vulnerability when the application loads a DLL for execution and a malicious DLL is provided. The entry contains no public details on exploitation in...
CVE-2018-18367
Symantec Endpoint Protection Manager SEPM prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use...
Sql injection
Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...
CVE-2018-18369
Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...
CVE-2018-18369
Norton Security Windows client prior to 22.16.3 and SEP SBE Windows client prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution an...
CVE-2018-18369
The CVE-2018-18369 entry describes a DLL Preloading vulnerability affecting Windows clients: Norton Security prior to 22.16.3 and SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, and SEP-12.1.7484.7002. Root cause is a DLL loading order issue that can allow an attacker to substitute a m...
Symantec Endpoint Protection Client 12.1.x / 14.x < 14.2 MP1 DLL Preloading Vulnerability (SYMSA1468)
The version of Symantec Endpoint Protection SEP Client installed on the remote host is 12.1.x or 14.x prior to 14.2 MP1. It is, therefore, affected by an unspecified DLL preloading vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's...
CVE-2018-12245
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only...
Code injection
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only...
CVE-2018-12245
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only...
CVE-2018-12245
CVE-2018-12245 affects Symantec Endpoint Protection (SEP) Client versions prior to 14.2 MP1. It is a DLL Preloading vulnerability that can trigger when an application is installed, loading a DLL supplied by an attacker. Impact details are described in the connected sources as a install-time issue...
CVE-2018-12245
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only...
SEP Multiple Issues
SUMMARY Symantec has released updates to address issues that were discovered in the Norton, Symantec Endpoint Protection SEP, Symantec Endpoint Protection Small Business Edition SEP SBE and Symantec Endpoint Protection Cloud SEP Cloud products. AFFECTED PRODUCTS Norton --- CVE | Affected Versions...
Sql injection
Norton Utilities prior to 16.0.3.44 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will...
CVE-2018-5235
Norton Utilities prior to 16.0.3.44 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will...
CVE-2018-5238
Norton Power Eraser prior to 5.3.0.24 and SymDiag prior to 2.1.242 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the...
Sql injection
Norton Power Eraser prior to 5.3.0.24 and SymDiag prior to 2.1.242 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the...
CVE-2018-5238
Norton Power Eraser prior to 5.3.0.24 and SymDiag prior to 2.1.242 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the...
CVE-2018-5238
CVE-2018-5238 affects Norton Power Eraser (before 5.3.0.24) and SymDiag (before 2.1.242). It is a DLL preloading vulnerability where an application loads a DLL and an attacker-provided DLL in the search path can be chosen, allowing code execution under the application’s context. The vulnerability...