[2/5] Nik Sharpener Pro Insecure File Permissions

March 31st, 2008 by

[2/5] Nik Sharpener Pro Insecure File Permissions

:A security issue has been discovered in Nik Sharpener Pro, which potentially can be exploited by malicious, local users to gain escalated privileges.The problem is caused due to insecure default permissions being set for installed plugins. This can potentially be exploited to gain escalated privileges by replacing existing plugins with malicious files.The security issue is confirmed in Nik Sharpener Pro 2.0 Inkjet for Windows. Other versions may also be affected.Solution:Restrict local access to trusted users only.Provided and/or discovered by:US-CERT credits Vlad Didenko.Original Advisory:US-CERT VU#124289:http://www.kb.cert.org/vuls/id/124289

Original post by amit

[2/5] Nik Sharpener Pro Insecure File Permissions

Related Articles:

[2/5] XWine Insecure Temporary File Handling and Configuration File Permissions

[2/5] TorrentTrader Insecure File Permissions Security Issues

[2/5] Kaspersky Anti-Spam Insecure File Permissions

[2/5] Red Hat Directory Server Insecure File Permissions

[2/5] Liferea “feedlist.opml” Backup Insecure File Permissions

Posted in Advisories - Exploits | | [2/5] Nik Sharpener Pro Insecure File Permissions

<< [2/5] rxvt X11 Display Security Issue | [3/5] Fedora update for Perlbal >>

Cybertrion Systems

[2/5] Nik Sharpener Pro Insecure File Permissions

Categories

Archives:

Search:

Meta: