CVE-2013-2604

EPSS 0.07%
Veröffentlicht 12.01.2015 19:59:01
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Realnetworks ≫ Realarcade Installer Version2.6.0.481

Realnetworks ≫ Realarcade Installer Version3.0.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.174

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf

http://www.osvdb.org/96918

https://www.riskbasedsecurity.com/research/RBS-2013-005.pdf

https://nvd.nist.gov/vuln/detail/CVE-2013-2604

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-2604

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-2604

EUVD