WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The custom action behind WiX's `RemoveFolderEx` functionality could allow a standard user to delete protected directories. `RemoveFolderEx` deletes an entire directory tree during installation or uninstallation. It does so by recursing every subdirectory starting at a specified directory and adding each subdirectory to the list of directories Windows Installer should delete. If the setup author instructed `RemoveFolderEx` to delete a per-user folder from a per-machine installer, an attacker could create a directory junction in that per-user folder pointing to a per-machine, protected directory. Windows Installer, when executing the per-machine installer after approval by an administrator, would delete the target of the directory junction. This vulnerability is fixed in 3.14.1 and 4.0.5.
References
Configurations
No configuration.
History
21 Nov 2024, 09:07
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/wixtoolset/issues/security/advisories/GHSA-jx4p-m4wm-vvjg - | |
References | () https://github.com/wixtoolset/wix/commit/2e5960b575881567a8807e6b8b9c513138b19742 - | |
References | () https://github.com/wixtoolset/wix3/commit/93eeb5f6835776694021f66d4226c262c67d487a - | |
Summary |
|
24 Mar 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-24 20:15
Updated : 2024-11-21 09:07
NVD link : CVE-2024-29188
Mitre link : CVE-2024-29188
CVE.ORG link : CVE-2024-29188
JSON object : View
Products Affected
No product.
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')