2 matches found
CVE-2020-27643
The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories where they would not normally have access to create or modify files via the creation of a junction point to a system...
CVE-2020-27643
Affected product: 1E Client (versions 4.1.0.267 and 5.0.0.745). Root cause: MSI installer and related components allow creation of a junction point to a system directory via unreferenced paths, enabling remote authenticated or local users to create/modify files in protected directories. Result: p...