Описание
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 2.50-1 |
| cosmic | not-affected | 2.50-1 |
| devel | not-affected | 2.50-1 |
| disco | not-affected | 2.50-1 |
| eoan | not-affected | 2.50-1 |
| esm-apps/bionic | not-affected | 2.50-1 |
| esm-apps/focal | not-affected | 2.50-1 |
| esm-apps/jammy | not-affected | 2.50-1 |
| esm-apps/xenial | not-affected | 2.50-1 |
| esm-infra-legacy/trusty | released | 2.46-7ubuntu0.1~esm1 |
Показывать по
EPSS
3.6 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary f ...
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
EPSS
3.6 Low
CVSS2
5.5 Medium
CVSS3