Podatność CVE-2021-46443
Publikacja: 2022-04-01

Opis:
Spoofer 1.4.6 suffers from unquoted service paths vulnerability. An attacker as a low privileged local user can hijack the execution flow of the application to escalate privileges by inserting a malicious executable in a higher level directory with the vulnerable path.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
Spoofer 1.4.6 Privilege Escalation / Unquoted Service Path
Asim Sattar
31.03.2022

Typ:

CWE-264

 (Permissions, Privileges, and Access Controls)

 Referencje:
http://spoofer.com
https://packetstormsecurity.com/files/166553/Spoofer-1.4.6-Privilege-Escalation-Unquoted-Service-Path.html
Copyright 2024, cxsecurity.com

 

Back to Top