CVE-2017-7444
First published: Wed Apr 05 2017(Updated: )
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Veritas System Recovery | =16 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7444?
The severity of CVE-2017-7444 is classified as medium due to the potential for DLL hijacking.
How do I fix CVE-2017-7444?
To fix CVE-2017-7444, ensure that the application is updated to Veritas System Recovery 16 SP1 or later.
Who is affected by CVE-2017-7444?
CVE-2017-7444 affects users of Veritas System Recovery versions prior to 16 SP1.
What kind of vulnerability is CVE-2017-7444?
CVE-2017-7444 is a DLL hijacking vulnerability that can be exploited if an attacker gains write access to the directory.
What should I do if I cannot update to the latest version for CVE-2017-7444?
If unable to update, restrict write access to the directory where Veritas System Recovery is executed as a temporary mitigation.
- collector/nvd-index
- vendor/veritas
- canonical/veritas system recovery
- version/veritas system recovery/16