Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A DLL hijacking vulnerability exists in the uninstaller in Scooter Beyond Compare 1.8a through 4.4.2 before 4.4.3 when installed via the EXE installer. The uninstaller attempts to load DLLs out of a Windows Temp folder. If a standard user places malicious DLLs in the C:\Windows\Temp\ folder, and then the uninstaller is run as SYSTEM, the DLLs will execute with elevated privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Scooter Software Beyond Compare 代码问题漏洞
Vulnerability Description
Scooter Software Beyond Compare是Scooter Software公司的内容比较工具软件。 Scooter Software Beyond Compare 4.4.3之前的1.8a至4.4.2版本存在安全漏洞,该漏洞源于通过EXE安装程序时,卸载程序存在一个DLL劫持漏洞,该卸载程序试图从Windows临时文件夹中加载DLLs。如果一个标准用户将恶意的DLLs放在C:WindowsTemp文件夹中,然后以SYSTEM身份运行卸载程序,DLLs将以高权限执行。
CVSS Information
N/A
Vulnerability Type
N/A