RSS   Vulnerabilities for 'Altools'   RSS

2019-08-13
 
CVE-2019-12808

CWE-264
 

 
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges.

 

 >>> Vendor: Estsoft 6 Products
Alzip
Internetdisk
Alftp
Alsee
Alupdate
Altools


Copyright 2019, cxsecurity.com

 

Back to Top