CVE-2018-17980

NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
Configurations

Configuration 1

cpe:2.3:a:nomachine:nomachine:*:*:*:*:*:*:*:*
cpe:2.3:a:nomachine:nomachine:*:*:*:*:*:*:*:*

Information

Published : 2018-10-15 07:29

Updated : 2019-01-22 09:48


NVD link : CVE-2018-17980

Mitre link : CVE-2018-17980

Products Affected
No products.
CWE
CWE-426

Untrusted Search Path