mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
Auto-merge PR#3130
Auto-merge PR#3130
This commit is contained in:
commit
06c906b694
103
2019/17xxx/CVE-2019-17099.json
Normal file
103
2019/17xxx/CVE-2019-17099.json
Normal file
@ -0,0 +1,103 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve-requests@bitdefender.com",
|
||||
"DATE_PUBLIC": "2019-12-18T10:00:00.000Z",
|
||||
"ID": "CVE-2019-17099",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Untrusted Search Path vulnerability in EPSecurityService.exe (VA-3500)"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "EPSecurityService.exe ",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.6.11.162",
|
||||
"version_value": "6.6.11.162"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Bitdefender"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Bugcrowd user khangkito"
|
||||
}
|
||||
],
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path.\nThis issue affects:\nBitdefender EPSecurityService.exe versions prior to 6.6.11.163."
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.0.9"
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-426 Untrusted Search Path"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-epsecurityservice-exe-va-3500/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"solution": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Automatic update to version 6.6.11.163 mitigates the issue."
|
||||
}
|
||||
],
|
||||
"source": {
|
||||
"advisory": "VA-3500",
|
||||
"defect": [
|
||||
"VA-3500"
|
||||
],
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user