Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating symlinks to installation file during Yandex Browser update process.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yandex Browser 后置链接漏洞
Vulnerability Description
Yandex Browser是俄罗斯Yandex公司的一款桌面版网页浏览器。 Yandex Browser for Windows 22.5.0.862 之前版本存在安全漏洞,该漏洞源于应用中存在本地权限问题。本地、低权限的攻击者利用该漏洞通过在 Yandex Browser 更新过程中操纵安装文件的符号链接以 SYSTEM 权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A