CVE-2019-5674

Sažetak

NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is enabled. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.

Reference

http://support.lenovo.com/us/en/solutions/LEN-27096
http://www.securityfocus.com/bid/107621
https://nvidia.custhelp.com/app/answers/detail/a_id/4784

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

28-03-2019 - 15:29