Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local attackers to escalate privileges to NT AUTHORITY\SYSTEM by writing a malicious executable to the location of TsService.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tencent QQBrowser 安全漏洞
Vulnerability Description
Tencent QQBrowser是中国腾讯(Tencent)公司的一款Web浏览器。 Tencent QQBrowser 10.5.3870.400之前版本中存在安全漏洞,该漏洞源于NT AUTHORITYAuthenticated Users组群中的人员可以编写TsService.exe文件。本地攻击者可通过向TsService所在位置写入恶意的可执行文件利用该漏洞将权限提升至NT AUTHORITYSYSTEM。
CVSS Information
N/A
Vulnerability Type
N/A