CVE-2022-24767

GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*

History

02 Aug 2023, 19:28

Type Values Removed Values Added
First Time Git For Windows Project
Git For Windows Project git For Windows
CPE cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*

Information

Published : 2022-04-12 18:15

Updated : 2024-10-01 15:35


NVD link : CVE-2022-24767

Mitre link : CVE-2022-24767

CVE.ORG link : CVE-2022-24767


JSON object : View

Products Affected

microsoft

  • visual_studio_2019
  • visual_studio_2022
  • visual_studio_2017

git_for_windows_project

  • git_for_windows
CWE
CWE-427

Uncontrolled Search Path Element