CVE-2018-11334

Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService.
Configurations

Configuration 1 (hide)

cpe:2.3:a:windscribe:windscribe:1.81:*:*:*:*:*:*:*

History

21 Nov 2024, 03:43

Type Values Removed Values Added
References () https://gist.github.com/drmint80/e5f8a3b8b8324c50a85d9b8623197c68 - Third Party Advisory () https://gist.github.com/drmint80/e5f8a3b8b8324c50a85d9b8623197c68 - Third Party Advisory

Information

Published : 2018-05-23 12:29

Updated : 2024-11-21 03:43


NVD link : CVE-2018-11334

Mitre link : CVE-2018-11334

CVE.ORG link : CVE-2018-11334


JSON object : View

Products Affected

windscribe

  • windscribe
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource