Описание
RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:realnetworks:realarcade_installer:2.6.0.481:*:*:*:*:*:*:*
cpe:2.3:a:realnetworks:realarcade_installer:3.0.7:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00066
Низкий
7.2 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.
EPSS
Процентиль: 21%
0.00066
Низкий
7.2 High
CVSS2
Дефекты
CWE-264