41 matches found
EUVD-2006-2222
Malware in sbrugna...
EUVD-2019-15105
Malware in sbrugna...
EUVD-2020-25211
Malware in sbrugna...
CVE-2020-3946
InstallBuilder AutoUpdate tool and regular installers enabling built with versions earlier than 19.11 are vulnerable to Billion laughs attack denial-of-service...
CVE-2019-5530
Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature...
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...
Design/Logic Flaw
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...
CVE-2022-31694
InstallBuilder Qt installers earlier than version 22.10 load DLLs from the installer’s parent directory when displaying popups, potentially allowing code execution with the installer’s privileges if a malicious DLL is planted there. The Red Hat/RedHat-adjacent entry confirms this, and PT-2022-208...
Qt 代码问题漏洞
Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...
PT-2022-20893 · Unknown · Installbuilder
Name of the Vulnerable Software and Affected Versions: InstallBuilder Qt installers versions prior to 22.10 Description: The issue allows an attacker to potentially execute code with the privileges of the installer by planting a malicious DLL in the installer parent directory. This can happen whe...
The vulnerability of the command-line utility reg.exe, a tool for development and automatic updates of VMware InstallBuilder installer for Windows operating systems, allows a malicious individual to execute arbitrary commands.
The vulnerability of the command-line utility reg.exe, a tool for development and automatic updates of VMware InstallBuilder installer for Windows operating systems, is related to errors in the mechanism for checking pathfinding for dynamically linked libraries. Exploiting this vulnerability coul...
The vulnerability of the VMware InstallBuilder development and automatic installer tool for Windows operating systems arises from the use of insufficiently random values. This allows a malicious individual to exploit their privileges.
The vulnerability of the VMware InstallBuilder tool for developing and automating installer installations on Windows operating systems is related to the use of insufficiently random values. Exploiting this vulnerability could allow a remote attacker to gain increased privileges...
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...
Command injection
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...
CVE-2021-22037
CVE-2021-22037 affects Windows installers produced with InstallBuilder. The issue arises when manipulating the Windows registry: InstallBuilder invokes reg.exe but does not enforce the absolute path, allowing search-path hijacking to substitute a malicious reg.exe. This path interception could ca...
InstallBuilder安全特征问题漏洞
Vmware InstallBuilder is a multi-platform installer development and automatic update tool from Vmware, Inc. A security vulnerability exists in InstallBuilder that stems from the fact that under certain circumstances on the InstallBuilder Windows version, the uninstaller binary copies itself to a...