CVE-2016-6592

Sažetak

A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user.

Reference

http://www.securityfocus.com/bid/94695
http://www.securityfocus.com/bid/95444
http://www.securitytracker.com/id/1037622
http://www.securitytracker.com/id/1037623
http://www.securitytracker.com/id/1037624
https://support.symantec.com/us/en/article.SYMSA1394.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-01-2020 - 19:34

Objavljeno

14-01-2020 - 21:15