MidnightBSD

Advisories for akeo

CVE-2019-1010100 MEDIUM

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables (ALL executables on the web site). The attack vector is: CAPEC-471, CWE-426, CWE-427.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,CWE-427,

Products Affected

Vendor Product Version
akeo rufus *
CVE-2019-1010101 HIGH

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-732,

Products Affected

Vendor Product Version
akeo rufus *