CVE-2019-5695

NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions) contains a vulnerability in the local service provider component in which an attacker with local system and privileged access can incorrectly load Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nvidia:geforce_experience:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:nvidia:gpu_driver:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-11-12 21:15

Updated : 2024-02-28 17:28


NVD link : CVE-2019-5695

Mitre link : CVE-2019-5695

CVE.ORG link : CVE-2019-5695


JSON object : View

Products Affected

nvidia

  • gpu_driver
  • geforce_experience

microsoft

  • windows
CWE
CWE-427

Uncontrolled Search Path Element