An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.
References
Link | Resource |
---|---|
https://tvn.twcert.org.tw/taiwanvn/TVN-201910007 | Third Party Advisory |
https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2020-02-03 11:15
Updated : 2024-02-28 17:28
NVD link : CVE-2020-3927
Mitre link : CVE-2020-3927
CVE.ORG link : CVE-2020-3927
JSON object : View
Products Affected
microsoft
- windows
changingtec
- servisign
CWE
CWE-552
Files or Directories Accessible to External Parties