漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with "erlsrv.exe" to execute arbitrary code as Local System. This can occur only under specific conditions on Windows with unsafe filesystem permissions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Erlang/OTP 代码问题漏洞
Vulnerability Description
erlang/otp是个人开发者的一个JavaScript编写的处理处理异常的库。该库可以捕捉node.js内置API引发的异常。 Erlang/OTP 23.2.3版本及之前版本存在安全漏洞,攻击者可利用该漏洞可以劫持运行Erlang程序的其他用户的帐户,或者强迫使用“erlsrv.exe”运行的服务作为本地系统执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A