N/A

upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process.

N/A

N/A

Ubisoft Uplay Desktop Client 安全漏洞

Ubisoft Uplay Desktop Client是法国育碧娱乐（Ubisoft Entertainment）软件公司的一套游戏平台的桌面客户端应用程序。该平台包含了PC游戏大厅和在线销售平台，支持PC玩家以此为大厅彼此连结，进行各种游戏间的互动，并提供玩家线上的游戏销售服务。 Ubisoft Uplay Desktop Client 63.0.5699.0版本中的upc.exe文件存在安全漏洞，该漏洞源于程序在使用用户提交的字符串执行系统调用之前，没有对其进行验证。远程攻击者可借助恶意的页面或文件

N/A

N/A