Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.12 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.8CVSS6.5AI score0.00483EPSS
Exploits2References1
OSV
OSV
added 2023/12/19 11:15 p.m.5 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.8CVSS5.8AI score0.00483EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2023/12/19 11:15 p.m.3 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.8CVSS5.8AI score0.00483EPSS
Exploits2References4
NVD
NVD
added 2023/12/19 11:15 p.m.28 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.8CVSS0.00483EPSS
Exploits2References3
Prion
Prion
added 2023/12/19 11:15 p.m.22 views

Code injection

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

4.3CVSS6.8AI score0.00483EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/12/19 12:0 a.m.38 views

CVE-2023-49147

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions e.g., an oplock on faxPrnInst.log to open...

7.6AI score0.00483EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.5 views

PDF24 Creator Security Vulnerability

PDF24 Creator is a completely free and useful PDF toolkit from PDF24 Open Source that makes it easy to create, edit and convert PDF files. A security vulnerability exists in PDF24 Creator version 11.14.0, which stems from the discovery that the configuration of the msi installer file generates a...

7.8CVSS6.7AI score0.00483EPSS
Exploits2References2
CVE
CVE
added 2023/12/19 12:0 a.m.95 views

CVE-2023-49147

PDF24 Creator 11.14.0 contains a misconfigured MSI installer that shows a visible cmd.exe during the msiexec repair function, enabling a local unprivileged attacker to escalate to SYSTEM via actions like an oplock on faxPrnInst.log. The issue is publicly discussed by Red Hat and PT-Security, with...

7.8CVSS7.3AI score0.00483EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.9 views

PT-2023-31066 · Pdf24 · Pdf24 Creator

Name of the Vulnerable Software and Affected Versions: PDF24 Creator version 11.14.0 Description: An issue was discovered in the configuration of the msi installer file of PDF24 Creator, which produces a visible cmd.exe window when using the repair function of msiexec.exe. This allows an...

7.8CVSS7.5AI score0.00483EPSS
Exploits2References8
Packet Storm
Packet Storm
added 2023/12/13 12:0 a.m.1732 views

PDF24 Creator 11.15.1 Local Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local Privilege Escalation via MSI installer product: PDF24 Creator geek Software GmbH vulnerable version: =11.15.1 fixed version: 11.15.2 CVE number: CVE-2023-49147...

7.4AI score0.00483EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2020/12/08 8:0 a.m.163 views

December 8, 2020—KB4592484 (Monthly Rollup)

None None...

9CVSS6.7AI score0.18653EPSS
Exploits0
Rows per page
Query Builder