Details of VAR-202001-1213

ID

VAR-202001-1213

CVE

CVE-2016-5311

TITLE

plural Symantec Uncontrolled search path element vulnerability in product

Trust: 0.8

sources: JVNDB: JVNDB-2016-009613

DESCRIPTION

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. plural Symantec The product is vulnerable to an uncontrolled search path element.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Multiple Symantec Products are prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code with SYSTEM privileges on a local client system. Failed attempts may lead to denial-of-service conditions. are security series software of Symantec Corporation of the United States

Trust: 2.07

sources: NVD: CVE-2016-5311 // JVNDB: JVNDB-2016-009613 // BID: 94295 // VULHUB: VHN-94130 // VULMON: CVE-2016-5311

AFFECTED PRODUCTS

vendor:	symantec	model:	norton antivirus with backup	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	norton antivirus	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	norton family	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	norton internet security	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	norton security	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	endpoint protection cloud	scope:	lt	version:	22.8.0.50	Trust: 1.0
vendor:	symantec	model:	norton 360	scope:	lt	version:	22.7	Trust: 1.0
vendor:	symantec	model:	endpoint protection	scope:	lt	version:	22.8.0.50	Trust: 1.0
vendor:	symantec	model:	norton security with backup	scope:	lt	version:	22.7	Trust: 1.0
vendor:	シマンテック	model:	norton antivirus	scope:	eq	version:	with backup	Trust: 0.8
vendor:	シマンテック	model:	norton internet security	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	ノートンファミリー	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton antivirus with backup	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton security	scope:	eq	version:	with backup	Trust: 0.8
vendor:	シマンテック	model:	symantec endpoint protection cloud	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	norton security with backup	scope:	-	version:	-	Trust: 0.8
vendor:	シマンテック	model:	symantec endpoint protection	scope:	eq	version:	cloud	Trust: 0.8
vendor:	シマンテック	model:	norton 360	scope:	-	version:	-	Trust: 0.8
vendor:	symantec	model:	norton security with backup	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton security	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton product family	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton antivirus with backup	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton	scope:	eq	version:	3600	Trust: 0.3
vendor:	symantec	model:	endpoint protection small business edition cloud	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	endpoint protection cloud client	scope:	eq	version:	0	Trust: 0.3
vendor:	symantec	model:	norton security with backup	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton security	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton product family	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton internet security	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton antivirus with backup	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	ne	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton	scope:	ne	version:	36022.7	Trust: 0.3
vendor:	symantec	model:	endpoint protection small business edition cloud	scope:	ne	version:	22.8.0.50	Trust: 0.3
vendor:	symantec	model:	endpoint protection cloud client	scope:	ne	version:	22.8.0.50	Trust: 0.3

sources: BID: 94295 // JVNDB: JVNDB-2016-009613 // NVD: CVE-2016-5311

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-5311
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-5311
value:	HIGH
Trust: 0.8
VULHUB:	VHN-94130
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-5311
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-5311
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-94130
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-5311
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2016-5311
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-94130 // VULMON: CVE-2016-5311 // JVNDB: JVNDB-2016-009613 // NVD: CVE-2016-5311

PROBLEMTYPE DATA

problemtype:	CWE-427	Trust: 1.1
problemtype:	Uncontrolled search path elements (CWE-427) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-94130 // JVNDB: JVNDB-2016-009613 // NVD: CVE-2016-5311

THREAT TYPE

local

Trust: 0.9

sources: BID: 94295 // CNNVD: CNNVD-201611-460

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201611-460

PATCH

title:	SYM16-021	url:	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00	Trust: 0.8
title:	Multiple Symantec Repair measures for product local rights escalation	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65798	Trust: 0.6

sources: JVNDB: JVNDB-2016-009613 // CNNVD: CNNVD-201611-460

EXTERNAL IDS

db:	NVD	id:	CVE-2016-5311	Trust: 2.9
db:	BID	id:	94295	Trust: 2.1
db:	SECTRACK	id:	1037324	Trust: 1.8
db:	SECTRACK	id:	1037325	Trust: 1.8
db:	SECTRACK	id:	1037323	Trust: 1.8
db:	JVNDB	id:	JVNDB-2016-009613	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-460	Trust: 0.7
db:	VULHUB	id:	VHN-94130	Trust: 0.1
db:	VULMON	id:	CVE-2016-5311	Trust: 0.1

sources: VULHUB: VHN-94130 // VULMON: CVE-2016-5311 // BID: 94295 // JVNDB: JVNDB-2016-009613 // CNNVD: CNNVD-201611-460 // NVD: CVE-2016-5311

REFERENCES

url:	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00	Trust: 2.0
url:	http://www.securityfocus.com/bid/94295	Trust: 1.9
url:	http://www.securitytracker.com/id/1037323	Trust: 1.8
url:	http://www.securitytracker.com/id/1037324	Trust: 1.8
url:	http://www.securitytracker.com/id/1037325	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5311	Trust: 1.4
url:	http://www.symantec.com	Trust: 0.3
url:	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/427.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-94130 // VULMON: CVE-2016-5311 // BID: 94295 // JVNDB: JVNDB-2016-009613 // CNNVD: CNNVD-201611-460 // NVD: CVE-2016-5311

CREDITS

Herman Groeneveld, aka Sh4d0wman, of research at firstlink.nl.

Trust: 0.9

sources: BID: 94295 // CNNVD: CNNVD-201611-460

SOURCES

db:	VULHUB	id:	VHN-94130
db:	VULMON	id:	CVE-2016-5311
db:	BID	id:	94295
db:	JVNDB	id:	JVNDB-2016-009613
db:	CNNVD	id:	CNNVD-201611-460
db:	NVD	id:	CVE-2016-5311

LAST UPDATE DATE

2024-11-23T23:04:33.498000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-94130	date:	2020-01-29T00:00:00
db:	VULMON	id:	CVE-2016-5311	date:	2020-01-29T00:00:00
db:	BID	id:	94295	date:	2016-11-24T01:13:00
db:	JVNDB	id:	JVNDB-2016-009613	date:	2020-02-12T00:00:00
db:	CNNVD	id:	CNNVD-201611-460	date:	2020-01-21T00:00:00
db:	NVD	id:	CVE-2016-5311	date:	2024-11-21T02:54:04.670

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-94130	date:	2020-01-09T00:00:00
db:	VULMON	id:	CVE-2016-5311	date:	2020-01-09T00:00:00
db:	BID	id:	94295	date:	2016-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2016-009613	date:	2020-02-12T00:00:00
db:	CNNVD	id:	CNNVD-201611-460	date:	2016-11-23T00:00:00
db:	NVD	id:	CVE-2016-5311	date:	2020-01-09T20:15:11.163