15 matches found
EUVD-2020-3961
Malware in sbrugna...
CVE-2020-11613
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
Mids Reborn Hero Designer Code Issue Vulnerability
Mids Reborn Hero Designer is a suite of game character design software from Jason Thompson Software Developers. A code issue vulnerability exists in Mids Reborn Hero Designer version 2.6.0.7, which stems from the program failing to assign safe default permissions to the installation path, and can...
Unspecified Vulnerability in Mids Reborn Hero Designer
Mids Reborn Hero Designer is a suite of game character design software from Jason Thompson Software Developers. A security vulnerability exists in Mids Reborn Hero Designer version 2.6.0.7, which can be exploited by an attacker to execute an executable file in a user's context by performing a...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
CVE-2020-11613
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
CVE-2020-11613
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...
Input validation
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
Privilege escalation
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...
CVE-2020-11614
The CVE-2020-11614 entry concerns Mids’ Reborn Hero Designer 2.6.0.7. The vulnerability arises because the application downloads the update manifest and update files over cleartext HTTP and does not perform file integrity validation after download. This enables a man-in-the-middle attacker to rep...
CVE-2020-11614
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace...
CVE-2020-11613
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can...
CVE-2020-11613
CVE-2020-11613 affects Mids’ Reborn Hero Designer 2.6.0.7. The issue is an elevation of privilege caused by default/insecure installation-folder permissions: by default, Authenticated Users have Modify rights, enabling any local user to replace binaries or plant malicious DLLs to gain elevated or...