Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower. Furthermore, exploitation can only succeed when Self-Defense is disabled. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 9.0.Ī local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. ESET Mail Security for IBM Domino 6.0 versions prior to 1.0.
ESET Mail Security for Microsoft Exchange Server 6.0 versions prior to 0.0. ESET File Security for Microsoft Windows Server 3.0. ESET Server Security for Microsoft Windows Server 8.0 versions prior to 2.0. ESET Endpoint Security 6.0 versions prior to. ESET Endpoint Antivirus 6.0 versions prior to. ESET Smart Security Premium 11.2 versions prior to 15.1.12.0. ESET Internet Security 11.2 versions prior to 15.1.12.0. ESET NOD32 Antivirus 11.2 versions prior to 15.1.12.0. Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit repair feature of the installer to run malicious code with higher privileges. ESET Security for Microsoft SharePoint Server 6.0 versions prior to 9.0. allows attacker to exploit "Repair" and "Uninstall" features what may lead to arbitrary file deletion. Privilege escalation vulnerability in Windows products of ESET, spol.
0 kommentar(er)
