4 matches found
CVE-2019-1010100
Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...
CVE-2019-1010100
CVE-2019-1010100 affects Akeo Consulting Rufus 3.0 and earlier. The vulnerability is DLL search order hijacking in executable installers/portable executables on the site. Root cause: DLL search order issue leading to Arbitrary code execution with escalation of privilege. Documented attack referen...
CVE-2019-1010100
Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...
Rufus 3.0 / 3.1 Privilege Escalation
Hi @ll, like their predecessors, the recently 2018-05-29, 2018-06-19 published versions 3.0 and 3.1 of "Rufus" are riddled with bloody beginners errors, which ALL allow arbitrary code execution WITH escalation of privilege, in MULTIPLE ways. JFTR: to support and ease further attacks, this crap is...