The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier uses weak permissions for connectbgdl.exe, which allows local users to execute arbitrary code by modifying this program.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-12-03T01:00:00
Updated: 2014-12-10T00:57:01
Reserved: 2014-11-28T00:00:00
Link: CVE-2014-9141
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-12-03T01:59:01.330
Modified: 2014-12-17T16:17:56.877
Link: CVE-2014-9141
JSON object: View
Redhat Information
No data.
CWE