CVE-2018-6700

Published: Sep 24, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.

Affected (1)

Products: Mcafee: True Key

Mcafee

1 product

True Key

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee True Key	Before 5.1.165

Related CWEs

CWE-426

Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

References (2)

https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102846

Source: trellixpsirt@trellix.com

https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102846

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.