Multiple Symantec Products CVE-2018-5238 DLL Loading Local Privilege Escalation Vulnerability
BID:105100
CVE-2018-5238 |Info
Multiple Symantec Products CVE-2018-5238 DLL Loading Local Privilege Escalation Vulnerability
| Bugtraq ID: | 105100 |
| Class: | Unknown |
| CVE: |
CVE-2018-5238 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 22 2018 12:00AM |
| Updated: | Aug 22 2018 12:00AM |
| Credit: | Kushal Arvind Shah of Fortinet's FortiGuard Labs |
| Vulnerable: |
Symantec SymDiag 2.1.240 Symantec SymDiag 2.1.236 Symantec SymDiag 2.1.234 Symantec SymDiag 2.1.230 Symantec SymDiag 2.1.228 Symantec SymDiag 2.1.224 Symantec SymDiag 2.1.222 Symantec Norton Power Eraser (NPE) 5.3.0.20 Symantec Norton Power Eraser (NPE) 5.1 Symantec Norton Power Eraser (NPE) 2.0.0.52 |
| Not Vulnerable: |
Symantec SymDiag 2.1.242 Symantec Norton Power Eraser (NPE) 5.3.0.24 |
Discussion
Multiple Symantec Products CVE-2018-5238 DLL Loading Local Privilege Escalation Vulnerability
Multiple Symantec products are prone to a local privilege-escalation vulnerability.
A local attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.
The following products are affected :
Versions prior to Norton Power Eraser 5.3.0.24
Versions prior to SymDiag 2.1.242
Multiple Symantec products are prone to a local privilege-escalation vulnerability.
A local attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.
The following products are affected :
Versions prior to Norton Power Eraser 5.3.0.24
Versions prior to SymDiag 2.1.242
Solution / Fix
Multiple Symantec Products CVE-2018-5238 DLL Loading Local Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.