2 matches found
CVE-2017-20051
CVE-2017-20051 affects the InnoSetup Installer. The vulnerability is described as an uncontrolled search path caused by the installer’s handling, with an attack that can be launched remotely and an exploit that has been disclosed publicly. Connected sources corroborate that the issue is rooted in...
CVE-2025-15595
CVE-2025-15595 describes privilege escalation via dll hijacking in Inno Setup, affecting version 6.2.1 and earlier. The underlying issue is a dll hijack in the installer process. According to the provided metrics, exploitation requires local access with low privileges and no user interaction, and...