CVE-2018-10172 in 7-zipinfo

Zusammenfassung

von MITRE

7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

16.04.2018

Veröffentlichung

16.04.2018

Moderieren

akzeptiert

Eintrag

VDB-116274

CPE

bereit

CWE

CWE-264 (bestätigt)

CVSS

8.8 (NVD)

EPSS

0.00040

KEV

nein

Aktivitäten

very low

Sektor

Hospital, Chemical, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-10172
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-10172
CVE Details	https://www.cvedetails.com/cve/CVE-2018-10172/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!