CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:WindowsTemp permission assignment

Inserito da Angelo Barbosa | Mar 24, 2024 | CVE

A vulnerability was found in WiX Toolset up to 3.14.0/4.0.4 on Windows. It has been declared as critical. This vulnerability affects unknown code of the file C:WindowsTemp of the component Installer. The manipulation leads to incorrect permission assignment.

This vulnerability was named CVE-2024-29187. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:WindowsTemp permission assignment

Post correlati

CVE-2023-6366 | Progress WhatsUp Gold up to 2022.1 Alert Center cross site scripting

CVE-2024-47496 | Juniper Junos OS up to 23.4R1 on MX Packet Forwarding Engine null pointer dereference

CVE-2024-21689 | Atlassian Bamboo Data Center/Bamboo Server Privilege Escalation

CVE-2024-6916 | Open Mainframe Project Zowe CLI up to 5.22.5 storing passwords in a recoverable format