** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error.
References
Link | Resource |
---|---|
https://www.cymaera.com/articles/everything.html | Exploit Third Party Advisory |
https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509 | Vendor Advisory |
https://www.cymaera.com/articles/everything.html | Exploit Third Party Advisory |
https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509 | Vendor Advisory |
Configurations
History
21 Nov 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cymaera.com/articles/everything.html - Exploit, Third Party Advisory | |
References | () https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509 - Vendor Advisory |
Information
Published : 2020-08-21 03:15
Updated : 2024-11-21 05:15
NVD link : CVE-2020-24567
Mitre link : CVE-2020-24567
CVE.ORG link : CVE-2020-24567
JSON object : View
Products Affected
voidtools
- everything
CWE