CVE-2018-18364

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.

Published: Feb 8, 2019
Updated: Apr 13, 2023
CVE: CVE-2018-18364
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.3
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6
AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

CWE-426

Affected Software
References

Software	From	Fixed in
symantec / ghost_solution_suite	2.5	2.5.x
symantec / ghost_solution_suite	2.0	2.0.x
symantec / ghost_solution_suite	3.1-mp1	3.1-mp1.x
symantec / ghost_solution_suite	3.1-mp4	3.1-mp4.x
symantec / ghost_solution_suite	3.1-mp6	3.1-mp6.x
symantec / ghost_solution_suite	3.2	3.2.x
symantec / ghost_solution_suite	3.1	3.1.x
symantec / ghost_solution_suite	3.0	3.0.x
symantec / ghost_solution_suite	3.2-ru1	3.2-ru1.x
symantec / ghost_solution_suite	3.2-ru2	3.2-ru2.x
symantec / ghost_solution_suite	3.2-ru3	3.2-ru3.x
symantec / ghost_solution_suite	3.2-ru4	3.2-ru4.x
symantec / ghost_solution_suite	3.2-ru5	3.2-ru5.x
symantec / ghost_solution_suite	3.2-ru6	3.2-ru6.x
symantec / ghost_solution_suite	3.2-ru7	3.2-ru7.x
symantec / ghost_solution_suite	3.3	3.3.x
symantec / ghost_solution_suite	3.1-mp2	3.1-mp2.x
symantec / ghost_solution_suite	3.1-mp3	3.1-mp3.x
symantec / ghost_solution_suite	3.1-mp5	3.1-mp5.x
symantec / ghost_solution_suite	3.0-hf5	3.0-hf5.x
symantec / ghost_solution_suite	3.0-hf4	3.0-hf4.x
symantec / ghost_solution_suite	3.0-hf3	3.0-hf3.x
symantec / ghost_solution_suite	3.0-hf2	3.0-hf2.x
symantec / ghost_solution_suite	3.0-hf1	3.0-hf1.x

Vulnerability Database

289,871

CVE-2018-18364