7.2
CVE-2013-2604
- EPSS 0.95%
- Veröffentlicht 12.01.2015 19:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Realnetworks ≫ Realarcade Installer Version2.6.0.481
Realnetworks ≫ Realarcade Installer Version3.0.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.95% | 0.564 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf
http://www.osvdb.org/96918
https://www.riskbasedsecurity.com/research/RBS-2013-005.pdf