WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to drop and load multiple binaries. Standard users can hijack the binary before it's loaded in the application resulting in elevation of privileges. This vulnerability is fixed in 3.14.1 and 4.0.5.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-24T19:38:38.140Z
Updated: 2024-03-24T19:46:06.327Z
Reserved: 2024-03-18T17:07:00.094Z
Link: CVE-2024-29187
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-03-24T20:15:08.003
Modified: 2024-03-25T01:51:01.223
Link: CVE-2024-29187
JSON object: View
Redhat Information
No data.
CWE