mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
70 lines
2.2 KiB
JSON
70 lines
2.2 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2018-4050",
|
|
"ASSIGNER": "talos-cna@cisco.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Talos",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "GOG Galaxy",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "Gog Galaxy 1.2.47 (macOS)"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "local privilege escalation"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724",
|
|
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"baseScore": 7.1,
|
|
"baseSeverity": "High",
|
|
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
|
|
"version": "3.0"
|
|
}
|
|
}
|
|
} |