Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Windows User Profile Service Elevation of Privilege Vulnerability
Vulnerability Description
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing. The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows User Profile Service 后置链接漏洞
Vulnerability Description
Microsoft Windows和Microsoft Windows Server都是美国微软(Microsoft)公司的产品。Microsoft Windows是一套个人设备使用的操作系统。Microsoft Windows Server是一套服务器操作系统。Windows User Profile Service是其中的一个用户配置文件服务组件。 Microsoft Windows User Profile Service(ProfSvc)中存在后置链接漏洞。该漏洞源于网络系统或产品未正确过滤表示非
CVSS Information
N/A
Vulnerability Type
N/A