Описание
Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
5 Medium
CVSS3
7.3 High
CVSS3
4.4 Medium
CVSS2
Дефекты
Связанные уязвимости
Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. The attacker must plant a malicious file in a particular location of the victim's machine. Exploitation of this issue requires user interaction in that a victim must launch the Captivate Installer.
Уязвимость программы для создания интерактивных E-learning курсов с использованием готовых слайдов Adobe Captivate 2019, связанная с созданием временных файлов с небезопасными разрешениями, позволяющая нарушителю повысить свои привилегии
EPSS
5 Medium
CVSS3
7.3 High
CVSS3
4.4 Medium
CVSS2