Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lighthouse data GPMAW 14 安全漏洞
Vulnerability Description
Lighthouse data GPMAW 14是丹麦Lighthouse data公司的一款用于详细分析蛋白质和肽的一级结构的程序。 Lighthouse data GPMAW 14版本存在安全漏洞,该漏洞源于不安全文件权限,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A