How severe is CVE-2017-13676?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2017-13676?

This is classified as CWE-94, which is a common weakness in software security.

CVE-2017-13676 - HIGH Severity | CVSS 7

Vulnerability Description

Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application. A Norton Remove & Reinstall update, version 4.4.0.58, has been released which addresses the aforementioned vulnerability.

Related Vulnerabilities

CVE-2016-8354

HIGH

CVSS:7.0(High)

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instruc...

CWE-942016

CVE-2017-6455

HIGH

CVSS:7.0(High)

NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable.

CWE-942017

CVE-2017-8284

HIGH

CVSS:7.0(High)

The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain priv...

CWE-942017

CVE-2019-11552

HIGH

CVSS:7.0(High)

Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser p...

CWE-942019

CVE-2024-6655

HIGH

CVSS:7.0(High)

A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.

CWE-942024

CVE-2016-5424

HIGH

CVSS:7.1(High)

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain super...

CWE-942016