5 matches found
CVE-2018-6400
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6400
CVE-2018-6400 affects Kingsoft WPS Office Free 10.2.0.5978. The vulnerability arises from an insecurely created named pipe, \.\pipe\WPSCloudSvr\WpsCloudSvr, which can be impersonated to obtain full access via a NULL DACL. This enables local privilege escalation or denial of service by a low-privi...
CVE-2018-6400
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group...
WPS Office 10.2.0.5978 - NULL DACL grants full access Vulnerability
Exploit for multiple platform in category local exploits ===== Tempest Security Intelligence - ADV-16/2018 === WPS Free Office 10.2.0.5978 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: filipe.xavier tempest.com.br =====...
WPS Free Office 10.2.0.5978 NULL DACL Grants Full Access
===== Tempest Security Intelligence - ADV-16/2018 === WPS Free Office 10.2.0.5978 - NULL DACL grants full access ------------------------------------------------------- Author: - Filipe Xavier Oliveira: filipe.xavier tempest.com.br ===== Table of Contents...