CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:WindowsTemp permission assignment

Inserito da Angelo Barbosa | Mar 24, 2024 | CVE

A vulnerability was found in WiX Toolset up to 3.14.0/4.0.4 on Windows. It has been declared as critical. This vulnerability affects unknown code of the file C:WindowsTemp of the component Installer. The manipulation leads to incorrect permission assignment.

This vulnerability was named CVE-2024-29187. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29187 | WiX Toolset up to 3.14.0/4.0.4 on Windows Installer C:WindowsTemp permission assignment

Post correlati

CVE-2024-0967 | OpenText ArcSight Enterprise Security Manager up to 24.0 information disclosure

CVE-2024-1323 | ThemeIsle Orbit Fox Plugin up to 2.10.30 on WordPress cross site scripting

CVE-2023-6307 | jeecgboot JimuReport up to 1.6.1 /download/image imageUrl path traversal

CVE-2024-49702 | myCred Elementor Plugin up to 1.2.6 on WordPress cross site scripting