Описание
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
Связанные уязвимости
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary f ...
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
EPSS
5.5 Medium
CVSS3
3.6 Low
CVSS2