Search criteria
2 vulnerabilities found for Dell by dell
CVE-2017-2802 (GCVE-0-2017-2802)
Vulnerability from nvd – Published: 2018-04-24 19:00 – Updated: 2024-09-17 03:59
VLAI?
Summary
An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.
Severity ?
No CVSS data available.
CWE
- dll hijiacking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| http://www.securityfocus.com/bid/99360 | vdb-entryx_refsource_BID |
Impacted products
Date Public ?
2017-06-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Dell",
"vendor": "dell",
"versions": [
{
"status": "affected",
"version": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
}
]
}
],
"datePublic": "2017-06-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "dll hijiacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-25T09:57:01.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2017-06-30T00:00:00",
"ID": "CVE-2017-2802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell",
"version": {
"version_data": [
{
"version_value": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
}
]
}
}
]
},
"vendor_name": "dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "dll hijiacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2802",
"datePublished": "2018-04-24T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:10.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2802 (GCVE-0-2017-2802)
Vulnerability from cvelistv5 – Published: 2018-04-24 19:00 – Updated: 2024-09-17 03:59
VLAI?
Summary
An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability.
Severity ?
No CVSS data available.
CWE
- dll hijiacking
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| http://www.securityfocus.com/bid/99360 | vdb-entryx_refsource_BID |
Impacted products
Date Public ?
2017-06-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99360"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Dell",
"vendor": "dell",
"versions": [
{
"status": "affected",
"version": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
}
]
}
],
"datePublic": "2017-06-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "dll hijiacking",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-25T09:57:01.000Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99360"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC": "2017-06-30T00:00:00",
"ID": "CVE-2017-2802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell",
"version": {
"version_data": [
{
"version_value": "Precision Tower 5810 with nvidia graphic cards. PPO Policy Processing Engine - FileVersion : 3.5.5.0 ati.dll ( PPO Monitoring Plugin ) - FileVersion : 3.5.5.0"
}
]
}
}
]
},
"vendor_name": "dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to privilege escalation. An attacker with local access to vulnerable system can exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "dll hijiacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0247"
},
{
"name": "99360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99360"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2802",
"datePublished": "2018-04-24T19:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:10.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}