7 matches found
HP Display Assistant x64 Edition 3.20 - (DTSRVC) Unquoted Service Path Vulnerability
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 Pro x64 es...
HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 P...
HP Display Assistant x64 Edition 3.20 Unquoted Service Path
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 P...
CVE-2017-3210
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the...
CVE-2017-3210
The CVE-2017-3210 issue affects Portrait Displays SDK services where pdiservice.exe runs with NT AUTHORITY/SYSTEM permissions and is writable by all Authenticated Users, enabling local privilege escalation. Affected applications include Portrait Display SDK-based tools such as Fujitsu DisplayView...
CVE-2017-3210 Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the...
Portrait Display SDK Service Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege Escalation due to insecure service configuration product: Portrait Display SDK Service vulnerable version: mutliple, see PoC fixed version: multiple, see soluti...