11 matches found
CVE-2023-49147
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
CVE-2023-49147
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
CVE-2023-49147
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
CVE-2023-49147
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
Code injection
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
CVE-2023-49147
An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...
PT-2023-31066 · Pdf24 · Pdf24 Creator
Name of the Vulnerable Software and Affected Versions: PDF24 Creator version 11.14.0 Description: An issue was discovered in the configuration of the msi installer file of PDF24 Creator, which produces a visible cmd.exe window when using the repair function of msiexec.exe. This allows an...
PDF24 Creator Security Vulnerability
PDF24 Creator is a completely free and useful PDF toolkit from PDF24 Open Source that makes it easy to create, edit and convert PDF files. A security vulnerability exists in PDF24 Creator version 11.14.0, which stems from the discovery that the configuration of the msi installer file generates a...
CVE-2023-49147
PDF24 Creator 11.14.0 contains a misconfigured MSI installer that shows a visible cmd.exe during the msiexec repair function, enabling a local unprivileged attacker to escalate to SYSTEM via actions like an oplock on faxPrnInst.log. The issue is publicly discussed by Red Hat and PT-Security, with...
PDF24 Creator 11.15.1 Local Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: PDF24 Creator geek Software GmbH vulnerable version: =11.15.1 fixed version: 11.15.2 CVE number: CVE-2023-49147...
December 8, 2020—KB4592484 (Monthly Rollup)
December 8, 2020—KB4592484 Monthly Rollup NEW 12/8/20 IMPORTANT Adobe Flash Player will go out of support on December 31, 2020. For more information, see Adobe Flash end of support on December 31, 2020. Flash content will be blocked from running in Flash Player beginning January 12, 2021. For mor...