CVE-2020-24567

** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error.
Configurations

Configuration 1 (hide)

cpe:2.3:a:voidtools:everything:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:15

Type Values Removed Values Added
References () https://www.cymaera.com/articles/everything.html - Exploit, Third Party Advisory () https://www.cymaera.com/articles/everything.html - Exploit, Third Party Advisory
References () https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509 - Vendor Advisory () https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509 - Vendor Advisory

Information

Published : 2020-08-21 03:15

Updated : 2024-11-21 05:15


NVD link : CVE-2020-24567

Mitre link : CVE-2020-24567

CVE.ORG link : CVE-2020-24567


JSON object : View

Products Affected

voidtools

  • everything