Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:nullsoft:nullsoft_scriptable_install_system:2.02:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-37378 |
Nullsoft Scriptable Install System (NSIS) before 3.09 mishandles access control for an uninstaller directory. Published: July 03, 2023; 4:15:09 PM -0400 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2015-9268 |
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime. Published: October 01, 2018; 4:29:00 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2015-9267 |
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program. Published: October 01, 2018; 4:29:00 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 3.6 LOW |