CVE-2018-6514

CVE-2018-6514 : Affected software is Puppet Agent on Windows with DLL preloading in Facter. Versions affected: Puppet Agent 1.10.x before 1.10.13; 5.3.x before 5.3.7; 5.5.x before 5.5.2. Root cause is a DLL preloading vulnerability that could lead to privilege escalation. Impact is described as h...

CVE-2018-6514

In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation...

Triaging a DLL planting vulnerability

DLL planting aka binary planting/hijacking/preloading resurface every now and then, it is not always clear on how Microsoft will respond to the report. This blog post will try to clarify the parameters considered while triaging DLL planting issues. It is well known that when an application loads ...

CVE-2017-11397

A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system...

Design/Logic Flaw

A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system...

CVE-2017-11397

A service DLL preloading vulnerability affects Trend Micro Encryption for Email versions ≤ 5.6, where an unauthenticated remote attacker could trigger arbitrary code execution on the vulnerable system. The root cause is a DLL preloading issue in the service component, enabling code execution with...

CVE-2017-12312

An untrusted search path aka DLL Preloading vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory wher...

CVE-2017-12314

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...

Input validation

An untrusted search path aka DLL Preloading vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory wher...

Code injection

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...

CVE-2017-12314

Cisco FindIT Network Discovery Utility is affected by a DLL preloading vulnerability. An authenticated, local attacker could place a malicious DLL in the host’s search path, causing the utility to load the attacker’s DLL and partially compromise confidentiality, integrity, and availability on the...

CVE-2017-12314

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The vulnerability is due to...

Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability

A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity. The vulnerability is due to the application loading a...

Multiple vulnerabilities in BOOK WALKER for Windows/Mac

Overview BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries. Also BOOK WALKER for Windows/Mac contain a vulnerability which may le...

JVN#18420340: Multiple vulnerabilities in BOOK WALKER for Windows/Mac

BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries. Also BOOK WALKER for Windows/Mac contain a vulnerability which may lead to...

Norton Remove & Reinstall DLL Preloading Code Execution Vulnerability

Norton Remove & Reinstall is prone to dll preloading code execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

Design/Logic Flaw

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

CVE-2017-13676

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a...

CVE-2017-13676

The CVE-2017-13676 issue affects Norton Remove & Reinstall and is described as a DLL preloading/code execution vulnerability. The root cause involves the application loading a DLL from a search path which an attacker could control, allowing a malicious DLL to execute under the vulnerable process ...