Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of a standard-user writable directory. Through a race condition and OpLock manipulation, these files can be overwritten by a standard user. They then get executed by the elevated installer. This gives a standard user full SYSTEM code execution (elevation of privileges).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Acuant AcuFill SDK 竞争条件问题漏洞
Vulnerability Description
Acuant AcuFill SDK是美国Acuant公司的一种数据捕获技术。可以从文档中提取所有主要数据字段。 Acuant AcuFill SDK 存在安全漏洞,该漏洞源于多个 MSI 从标准用户可写目录中执行。通过竞争条件和 OpLock 操作,这些文件可以被标准用户覆盖。
CVSS Information
N/A
Vulnerability Type
N/A