Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody
Nov 17 2016 04:46PM
Stefan Kanthak (stefan kanthak nexgo de)
in response to <http://seclists.org/fulldisclosure/2016/Jan/24>
EmsiSoft fixed some of the DLL hijacking vulnerabilities in some
of their executable installers and unpackers.
EmsisoftEmergencyKit.exe still has beginner's errors which allow
escalation of privilege for EVERY local user:
[ more ]
Copyright 2010, SecurityFocus