CVE-2015-4674
The CVE relates to TimeDoctor Pro (Windows) 1.4.72.3, where the autoupdate mechanism relies on unsigned installer files fetched without SSL, enabling potential MITM manipulation to run arbitrary code. This describes a supply-chain/update integrity flaw in the autoupdate component, with the underl...