2 matches found
CVE-2018-6546
CVE-2018-6546 affects the AMD driver-installation package plays.tv service (plays_service.exe) prior to version 1.27.7.0. The flaw allows code execution with SYSTEM privileges when the execute_installer parameter is used in an HTTP message, due to improper user authentication. A remote attacker c...
CVE-2018-6547
The CVE-2018-6547 entry concerns AMD driver-installation packages and the plays.tv service (plays_service.exe) prior to version 1.27.7.0. Affected component is an HTTP message parsing function that accepts a user-defined path and writes non-user-controlled data as SYSTEM to a file when the extrac...