{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T15:26:07.448","vulnerabilities":[{"cve":{"id":"CVE-2017-13676","sourceIdentifier":"secure@symantec.com","published":"2017-09-28T01:29:01.373","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application. A Norton Remove & Reinstall update, version 4.4.0.58, has been released which addresses the aforementioned vulnerability."},{"lang":"es","value":"Norton Remove Reinstall puede ser susceptible a una vulnerabilidad de precarga de DLL. Este tipo de problema ocurre cuando una aplicación trata de llamar a un DLL para ejecutarlo y un atacante proporciona en su lugar un DLL malicioso. Dependiendo de cómo esté configurada la aplicación, ésta por lo general seguirá una ruta de búsqueda específica para localizar el DLL. La vulnerabilidad puede ser explotada mediante una escritura simple de archivo (o, potencialmente, una sobrescritura), lo que resulta en un DLL externo que se ejecuta bajo el contexto de la aplicación. Se ha lanzado una actualización de Norton Remove Reinstall, la versión 4.4.0.58, que soluciona esta vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:norton:remove_\\&_reinstall:*:*:*:*:*:*:*:*","versionEndIncluding":"-","matchCriteriaId":"7FECBAB0-646F-4DAE-BB3E-30AFDA299280"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/100939","source":"secure@symantec.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170926_00","source":"secure@symantec.com","tags":["Mitigation","VDB Entry","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/100939","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170926_00","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","VDB Entry","Vendor Advisory"]}]}}]}