22 matches found
EUVD-2017-0672
Malware in sbrugna...
Wix Toolset < 3.14 / 4.x < 4.0.4 Privilege Escalation
The version of Wix Toolset installed on the remote host is prior to 3.14.0 or 4.x prior to 4.0.4. It is, therefore, affected by a privilege escalation vulnerability. The .be TEMP folder is vulnerable to DLL redirection attacks that allow an unauthenticated, local attacker to escalate privileges...
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...
GHSA-259P-RVJX-FFWG Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...
GHSA-7WH2-WXC7-9PH5 WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...
PT-2024-40006 · Microsoft · Wix
Name of the Vulnerable Software and Affected Versions: WiX installer framework affected versions not specified Description: The vulnerability allows an attacker to escalate privileges through DLL redirection attacks. When the bundle is not run as admin, the user's TEMP folder is used, and a utili...
PT-2024-40202 · Microsoft · Wix
Name of the Vulnerable Software and Affected Versions: WiX installer framework affected versions not specified Description: The vulnerability allows an attacker to escalate privileges through DLL redirection attacks. When the bundle is not run as admin, the user's TEMP folder is used, and a utili...
CVE-2024-24810 WiX is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been...
CVE-2024-24810
The CVE-2024-24810 entry concerns the Wix Toolset used to build Windows Installer packages. The vulnerability resides in the.be TEMP folder, enabling DLL redirection that can permit a local attacker to escalate privileges during installation. Affected component is the WiX installer framework; imp...
[SECURITY] Fedora 32 Update: calamares-3.2.11-14.fc32
Calamares is a distribution-independent installer framework, designed to in stall from a live CD/DVD/USB environment to a hard disk. It includes a graphical installation program based on Qt 5. This package includes the Calamares framework and the required configuration files to produce a working...
[SECURITY] Fedora 29 Update: calamares-3.2.11-1.fc29
Calamares is a distribution-independent installer framework, designed to in stall from a live CD/DVD/USB environment to a hard disk. It includes a graphical installation program based on Qt 5. This package includes the Calamares framework and the required configuration files to produce a working...
[SECURITY] Fedora 27 Update: calamares-3.1.8-2.fc27.1
Calamares is a distribution-independent installer framework, designed to in stall from a live CD/DVD/USB environment to a hard disk. It includes a graphical installation program based on Qt 5. This package includes the Calamares framework and the required configuration files to produce a working...
[SECURITY] Fedora 26 Update: calamares-3.1.8-1.fc26
Calamares is a distribution-independent installer framework, designed to in stall from a live CD/DVD/USB environment to a hard disk. It includes a graphical installation program based on Qt 5. This package includes the Calamares framework and the required configuration files to produce a working...
NVIDIA GeForce Experience Installer Framework Elevation of Privilege Vulnerability
NVIDIA GeForce Experience GFE is a suite of automatic graphics card updating tools from NVIDIA.The NVIDIA Installer Framework is one of the installation frameworks.... An elevation of privilege vulnerability exists in NVISystemService64 of the NVIDIA Installer Framework in version 3.x prior to...
CVE-2017-0316
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
CVE-2017-0316
In GeForce Experience GFE 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, which may lead to denial of service or possible escalation of privileges...
Security Bulletin: NVIDIA Installer Framework contains a vulnerability in NVISystemService64 affecting GFE
Vulnerability Details The following section summarizes the vulnerability. The description uses CWE™ and the risk assessment follows CVSS. CVE-2017-0316 NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without...
[SECURITY] Fedora 24 Update: calamares-2.4.4-5.fc24
Calamares is a distribution-independent installer framework, designed to in stall from a live CD/DVD/USB environment to a hard disk. It includes a graphical installation program based on Qt 5. This package includes the Calamares framework and the required configuration files to produce a working...