2 matches found
CVE-2018-5731
CVE-2018-5731 affects Heimdal PRO 2.2.190. The vulnerability occurs during the scanning feature: a process (md.hs) writes an executable (CS1.tmp) to C:\windows\TEMP and then executes it. An attacker can ensure the file is created first, let md.hs overwrite it, and rewrite it in the window between...
CVE-2018-5349
CVE-2018-5349 affects Heimdal PRO v2.2.190 (likely also Heimdal FREE/CORP). The flaw is improper permissions on C:\ProgramData\Heimdal Security\Heimdal Agent, allowing BUILTIN\Users to write files in that directory. On startup, Heimdal.MonitorServices.exe (running as SYSTEM) loads version.dll fro...