3 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-28892

https://notcve.org/view.php?id=CVE-2023-28892

29 Mar 2023 — Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link. • https://forums.malwarebytes.com/topic/307429-release-adwcleaner-841 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-11507

https://notcve.org/view.php?id=CVE-2020-11507

06 Apr 2020 — An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded. Una vulnerabilidad de Ruta de Búsqueda No Confiable en Malwarebytes AdwCleaner versión 8.0.3, podría causar una ejecución de código arbitraria con privilegios SYSTEM cuando una biblioteca DLL maliciosa se cargada. • https://forums.malwarebytes.com/topic/258140-release-adwcleaner-804 • CWE-426: Untrusted Search Path •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-19929

https://notcve.org/view.php?id=CVE-2019-19929

23 Dec 2019 — An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. Una vulnerabilidad de Ruta de Búsqueda No Confiable en Malwarebytes AdwCleaner versiones anteriores a 8.0.1, podría causar una ejecución de código arbitrario con privilegios SYSTEM cuando el producto carga una biblioteca DLL maliciosa. • https://borncity.com/win/2019/12/19/adwcleaner-8-0-1-closes-a-dll-hijacking-vulnerability • CWE-426: Untrusted Search Path •