17 matches found
CVE-2019-18893
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges...
EUVD-2019-7622
Malware in sbrugna...
EUVD-2019-8575
Malware in sbrugna...
CVE-2019-17190
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, th...
Avast Secure Browser Local Elevation of Privilege Vulnerability
Avast Secure Browser is a new browser built for privacy. A security vulnerability exists in Avast Secure Browser version 76.0.1659.101 that stems from an insecure ACL set by the AvastBrowserUpdate.exe file. The vulnerability can be exploited by creating a hard link named Update.ini in the...
Avast Secure Browser 76.0.1659.101 Local Privilege Escalation Vulnerability
A local privilege escalation issue was discovered in Avast Secure Browser version 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. Avast Secure Browser...
CVE-2019-17190
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, th...
CVE-2019-17190
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, th...
Privilege escalation
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, th...
CVE-2019-17190
CVE-2019-17190 affects Avast Secure Browser 76.0.1659.101. The issue is an insecure ACL on Update.ini in %PROGRAMDATA%\Avast Software\Browser\Update, altered by AvastBrowserUpdate.exe running as NT AUTHORITY\SYSTEM during update checks. A low-privileged user can create a hard link Update.ini to a...
CVE-2019-17190
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, th...
PT-2020-9879 · Avast · Avast Secure Browser
Name of the Vulnerable Software and Affected Versions: Avast Secure Browser version 76.0.1659.101 Description: A Local Privilege Escalation issue was discovered due to an insecure ACL set by the AvastBrowserUpdate.exe when AvastSecureBrowser.exe checks for new updates. The elevated process cleans...
CVE-2019-18893
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges...
CVE-2019-18893
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges...
Cross site scripting
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges...
CVE-2019-18893
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges...
CVE-2019-18893
CVE-2019-18893 involves an XSS flaw in the Video Downloader component (pre-1.5) of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77. The vulnerability lets an attacker’s website execute code in the context of this component. Although Video Downloader is a browser extension, i...