what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 3 of 3

Files from Silton Santos

Trend Maximum Security 2019 Unquoted Search Path

Posted Aug 24, 2019

Authored by Silton Santos

Trend Maximum Security 2019 suffers from an unquoted search path vulnerability. This application provides an unquoted path in the parameter lpApplicationName of the function CreateProcessW during process create PwmConsole.exe --- which is triggered from the feature PC Health Checkup. If an attacker has write permissions to C:\ or C:\Program Files\, it could deliver an arbitrary executable named Program.exe or Trend.exe which would be executed by the coreServiceShell process. coreServiceShell is a privileged process that will run Program.exe with same privilege.

tags | advisory, arbitrary

advisories | CVE-2019-14685

MD5 | bbe0cfc27ac89fd49ed6a2d8487c2970

Download | Favorite | Comments (0)

Avira Free Security Suite 2019 Software Updater 2.0.6.13175 Improper Access Control

Posted Aug 4, 2019

Authored by Silton Santos

Avira Free Security Suite 2019 Software Updater version 2.0.6.13175 suffers from an improper access control that allows for arbitrary file write that can allow an unprivileged user to obtain SYSTEM privileges.

tags | advisory, arbitrary

advisories | CVE-2019-11396

MD5 | a4d390f701aa2edd6b20fd861c82f57b

Download | Favorite | Comments (0)

Responsive File Manager 9.13.1 File Disclosure

Posted Aug 8, 2018

Authored by Silton Santos

Responsive File Manager 9.13.1 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure

MD5 | e6654d43dad5be76d71dc9d6bc5269d0

Download | Favorite | Comments (0)