4 matches found
JVN#68418039: The installers of E START products may insecurely load Dynamic Link Libraries
The installers of E START products by GMO INSIGHT Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the folder specified by the TEMP environment variable or where the installer resides CWE-427, CVE-2015-9267, and CVE-2015-9268. Impact...
[SECURITY] [DLA 1602-1] nsis security update
Package : nsis Version : 2.46-10+deb8u1 CVE ID : CVE-2015-9267 CVE-2015-9268 Among others, Andre Heinicke from gpg4win.org found several issues of nsis, a tool for creating quick and user friendly installers for Microsoft Windows operating systems. The issues are fixed by ... ... using...
CVE-2015-9267
Nullsoft Scriptable Install System NSIS before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program...
CVE-2015-9267
CVE-2015-9267 affects NSIS (Nullsoft Scriptable Install System) before 2.49. The vulnerability arises from the use of temporary folder locations, enabling unprivileged local users to overwrite files, which can allow replacing either an installer plugin or the uninstaller with a trojan. In practic...