CVE-2018-18364

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.

CVSS v2.0 6

6^/10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.8 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

CVSS v3.0 7.3 HIGH

7.3^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.symantec.com/en_US/article.SYMSA1474.html	Mitigation Vendor Advisory
http://www.securityfocus.com/bid/106684	Third Party Advisory

Configurations

Configuration 1

cpe:2.3:a:symantec:ghost_solution_suite:2.5:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:2.0:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp1:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp4:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp6:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru1:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru2:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru3:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru4:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru5:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru6:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.2:ru7:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.3:*:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp2:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp3:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.1:mp5:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:hf5:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:hf4:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:hf3:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:hf2:*:*:*:*:*:*

cpe:2.3:a:symantec:ghost_solution_suite:3.0:hf1:*:*:*:*:*:*

History

24 Jan 2023, 16:19

Type	Values Removed	Values Added
CPE		cpe:2.3:a:predictapp_project:predictapp::::::::
References	~~(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 -~~	(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 - Patch, Third Party Advisory
References	~~(MISC) https://github.com/abhilash1985/PredictApp/pull/73 -~~	(MISC) https://github.com/abhilash1985/PredictApp/pull/73 - Patch, Third Party Advisory
References	~~(MISC) https://vuldb.com/?id.218387 -~~	(MISC) https://vuldb.com/?id.218387 - Third Party Advisory
References	~~(MISC) https://vuldb.com/?ctiid.218387 -~~	(MISC) https://vuldb.com/?ctiid.218387 - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Predictapp Project predictapp Predictapp Project

16 Jan 2023, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2019-02-08 05:29

Updated : 2019-02-13 06:47

NVD link : CVE-2018-18364

Mitre link : CVE-2018-18364

Products Affected

No products.

CWE

CWE-426

Untrusted Search Path