Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-28mp-5jqq-gwr6

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'.

An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'.

EPSS

Процентиль: 86%
0.02904
Низкий

7.5 High

CVSS3

Дефекты

CWE-269

Связанные уязвимости

CVSS3: 7.5
nvd
почти 5 лет назад

An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how Windows handles junctions.

msrc
почти 5 лет назад

Windows Elevation of Privilege Vulnerability

CVSS3: 7.8
fstec
почти 5 лет назад

Уязвимость компонента «Public Account Pictures» операционных систем Windows, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями

EPSS

Процентиль: 86%
0.02904
Низкий

7.5 High

CVSS3

Дефекты

CWE-269