CVE-2016-5311

Published: Jan 9, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.

Affected (9)

Products: Symantec: Endpoint Protection, Endpoint Protection Cloud, Norton 360, Norton Antivirus, Norton Antivirus With Backup, Norton Family, Norton Internet Security, Norton Security, Norton Security With Backup

Symantec

9 products

Endpoint Protection

Endpoint Protection Cloud

Norton 360

Norton Antivirus

Norton Antivirus With Backup

Norton Family

Norton Internet Security

Norton Security

Norton Security With Backup

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Symantec Endpoint Protection	Before 22.8.0.50
Symantec Endpoint Protection Cloud	Before 22.8.0.50
Symantec Norton 360	Before 22.7
Symantec Norton Antivirus	Before 22.7
Symantec Norton Antivirus With Backup	Before 22.7
Symantec Norton Family	Before 22.7
Symantec Norton Internet Security	Before 22.7
Symantec Norton Security	Before 22.7
Symantec Norton Security With Backup	Before 22.7