| |
Vulnerability CVE-2020-8895
Published: 2020-04-21
| Description: |
A vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker using DLL hijacking to insert malicious local files to execute unauthenticated remote code on the targeted system. |
Type:
CWE-427 (Uncontrolled Search Path Element)
CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.4/10 |
6.4/10 |
3.4/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://support.google.com/earth/answer/40901?hl=en
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
