Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The rm.exe process then attempts to load several DLLs from its current directory. Non-admin users are able to write to this folder, so an attacker can create a malicious C:\Windows\Temp\OLEACC.dll file. When an admin runs the installer, rm.exe will execute the attacker's DLL in an elevated security context.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款F-Secure产品代码问题漏洞
Vulnerability Description
F-Secure Anti-Virus等都是芬兰F-Secure公司的产品。F-Secure Anti-Virus是一套杀毒软件。F-Secure Internet Security是一套主要提供针对网络钓鱼和恶意软件防护的杀毒软件。F-Secure SAFE for Windows是一套基于Windows平台的杀毒软件。 多款F-Secure产品中的F-Secure安装程序存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。以下产品及版本受到影响:F-Secure SAF
CVSS Information
N/A
Vulnerability Type
N/A