Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8
CVE-2021-22037
- EPSS 0.13%
- Published 29.10.2021 12:15:07
- Last modified 21.11.2024 05:49:28
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This mak...
8.8
CVE-2021-22038
- EPSS 0.67%
- Published 29.10.2021 12:15:07
- Last modified 21.11.2024 05:49:28
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not ...
7.5
CVE-2020-3946
- EPSS 0.32%
- Published 20.04.2020 20:15:11
- Last modified 21.11.2024 05:32:00
InstallBuilder AutoUpdate tool and regular installers enabling <checkForUpdates> built with versions earlier than 19.11 are vulnerable to Billion laughs attack (denial-of-service).
1