An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.
References
Link | Resource |
---|---|
http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe | Patch Vendor Advisory |
https://excellium-services.com/cert-xlm-advisory/CVE-2021-42110 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-08T15:42:31
Updated: 2021-12-08T15:42:31
Reserved: 2021-10-08T00:00:00
Link: CVE-2021-42110
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-08T16:15:07.147
Modified: 2021-12-10T14:47:28.377
Link: CVE-2021-42110
JSON object: View
Redhat Information
No data.
CWE