CVE-2014-4936 – Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Code Execution

https://notcve.org/view.php?id=CVE-2014-4936

16 Dec 2014 — The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. La funcionalidad de actualización en el consumidor Malwarebytes Anti-Malware (MBAM) anterior a 2.0.3 y el consumidor Malwarebytes Anti-Exploit (MBAE) 1.04.1.1012 y anteriores permiten a atacantes man-in-the-middle ejecutar código arbitrari... • https://packetstorm.news/files/id/130244 • CWE-345: Insufficient Verification of Data Authenticity •