Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Acuant AcuFill SDK 代码问题漏洞
Vulnerability Description
Acuant AcuFill SDK是美国Acuant公司的一种数据捕获技术。可以从文档中提取所有主要数据字段。 Acuant AcuFill SDK 存在安全漏洞,该漏洞源于在 SDK 修复期间,Acuant 安装程序调用 certutil.exe 来修复证书。由于竞争条件和对执行目录的不安全权限,此调用容易受到 DLL 劫持。
CVSS Information
N/A
Vulnerability Type
N/A