Nik Sharpener Pro, possibly 2.0, uses world-writable permissions for plug-in files, which allows local users to gain privileges by replacing a plug-in with a Trojan horse.
References
Link | Resource |
---|---|
http://secunia.com/advisories/29586 | Vendor Advisory |
http://www.kb.cert.org/vuls/id/124289 | US Government Resource |
http://www.securityfocus.com/bid/27707 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41535 |
Configurations
History
No history.
Information
Published : 2008-04-02 17:44
Updated : 2024-02-28 11:21
NVD link : CVE-2008-1638
Mitre link : CVE-2008-1638
CVE.ORG link : CVE-2008-1638
JSON object : View
Products Affected
nik_software_inc
- nik_sharpener_pro
CWE
CWE-264
Permissions, Privileges, and Access Controls