PT-2019-11488 · Socusoft · Socusoft Co Photo 2 Video Converter

Publicado

2019-07-24

Atualizado

2021-07-21

CVE-2019-1010163

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Socusoft Co Photo 2 Video Converter version 8.0.0

Description: The issue affects the pdmlog.dll library, allowing for local shell-code execution and denial of service. This can lead to local privilege escalation under certain conditions, as well as denial-of-service. The attack requires the attacker to have access to the local system, either directly or remotely.

Recommendations: For Socusoft Co Photo 2 Video Converter version 8.0.0, consider restricting access to the pdmlog.dll library as a temporary mitigation measure until a patch is available.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2019-1010163

Produtos afetados

Socusoft Co Photo 2 Video Converter

PT-2019-11488 · Socusoft · Socusoft Co Photo 2 Video Converter

CVE-2019-1010163

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5