漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Philips SmartControl DLL Hijacking
Vulnerability Description
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Philips SmartControl 代码问题漏洞
Vulnerability Description
Philips SmartControl是飞利浦(Philips)公司的一款专业的飞利浦显示器设置软件。 Philips SmartControl 4.3.15版本和2020-4-15之前版本中存在代码问题漏洞。攻击者可借助特制的DLL文件利用该漏洞提升权限。
CVSS Information
N/A
Vulnerability Type
N/A