CVE-2008-1638

Опубликовано: 02 апр. 2008

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for plug-in files, which allows local users to gain privileges by replacing a plug-in with a Trojan horse.

Ссылки

http://secunia.com/advisories/29586
Vendor Advisory
http://www.kb.cert.org/vuls/id/124289
US Government Resource
http://www.securityfocus.com/bid/27707
https://exchange.xforce.ibmcloud.com/vulnerabilities/41535
http://secunia.com/advisories/29586
Vendor Advisory
http://www.kb.cert.org/vuls/id/124289
US Government Resource
http://www.securityfocus.com/bid/27707
https://exchange.xforce.ibmcloud.com/vulnerabilities/41535

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nik_software_inc:nik_sharpener_pro:2.0:*:inkjet:*:*:*:*:*

EPSS

Процентиль: 59%

0.00379

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-8c72-3wxv-57h3

github

почти 4 года назад