3 matches found
CVE-2016-10588
nw is an installer for nw.js. nw downloads zipped resources over HTTP, It may be possible to cause remote code execution RCE by swapping out the requested zip file with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server...
CVE-2016-10588
nw is an installer for nw.js. nw downloads zipped resources over HTTP, It may be possible to cause remote code execution RCE by swapping out the requested zip file with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server...
CVE-2016-10588
CVE-2016-10588 affects the nw installer for nw.js. The install process downloads zipped resources over HTTP, enabling a network-positioned attacker to swap the requested zip with a malicious binary, potentially causing remote code execution on the user’s system. The issue is corroborated by multi...