2 matches found
The vulnerability of the command-line utility reg.exe, a tool for development and automatic updates of VMware InstallBuilder installer for Windows operating systems, allows a malicious individual to execute arbitrary commands.
The vulnerability of the command-line utility reg.exe, a tool for development and automatic updates of VMware InstallBuilder installer for Windows operating systems, is related to errors in the mechanism for checking pathfinding for dynamically linked libraries. Exploiting this vulnerability coul...
CVE-2021-22037
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path...