CVE-2019-17099
Summary
| CVE | CVE-2019-17099 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-01-27 18:15:00 UTC |
| Updated | 2020-02-01 19:18:00 UTC |
| Description | An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163. |
Risk And Classification
Problem Types: CWE-426
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bitdefender | Endpoint Security Tools | All | All | All | All |
| Application | Bitdefender | Endpoint Security Tools | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Untrusted Search Path vulnerability in EPSecurityService.exe (VA-3500) - Bitdefender | CONFIRM | www.bitdefender.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Bugcrowd user khangkito
There are currently no legacy QID mappings associated with this CVE.