2 matches found
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path under C:/usr/local/ that will make curl = 7.65.1 automatically run the code as an openssl "engine" on invocation. If that curl is invoked by a privileged user it can do anything it wants...
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path under C:/usr/local/ that will make curl = 7.65.1 automatically run the code as an openssl "engine" on invocation. If that curl is invoked by a privileged user it can do anything it wants...