Published: 08/02/2019 Updated: 13/02/2019
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 7.3 | Impact Score: 5.9 | Exploitability Score: 1.3

Vulnerability Summary

Symantec Ghost Solution Suite CVE-2018-18364 DLL Loading Arbitrary Code Execution Vulnerability

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Access Complexity: MEDIUM
Authentication: SINGLE
Access Vector: NETWORK
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vulnerability Trend

Affected Products

Vendor Product Versions
SymantecGhost Solution Suite2.0, 2.5, 3.0, 3.1, 3.2, 3.3