RSS   Vulnerabilities for 'Alupdate'   RSS

2014-11-03
 
CVE-2014-8494

CWE-264
 

 
ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file.

 

 >>> Vendor: Estsoft 5 Products
Alzip
Internetdisk
Alftp
Alsee
Alupdate


Copyright 2017, cxsecurity.com