Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

Bugtraq ID:	106684
Class:	Design Error
CVE:	CVE-2018-18364
Remote:	Yes
Local:	No
Published:	Jan 28 2019 12:00AM
Updated:	Jan 28 2019 12:00AM
Credit:	Lasse Hauballe Jensen
Vulnerable:	Symantec Ghost Solution Suite 3.3 Symantec Ghost Solution Suite 3.2 Symantec Ghost Solution Suite 3.1 MP4 Symantec Ghost Solution Suite 3.1
Not Vulnerable:	Symantec Ghost Solution Suite 3.3 RU1

Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

Symantec Ghost Solution Suite is prone to an arbitrary code-execution vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.

Versions prior to Ghost Solution Suite 3.3 RU1 are vulnerable.

Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

References:

• Symantec Ghost Solution Suite Product Page (Symantec)
  
• Symantec Ghost Solution Suite DLL Hijack (Symantec)