InstallBuilder 4.5.0 for Qt

CPE Details

InstallBuilder 4.5.0 for Qt
installbuilder
installbuilder
4.5.0
2020-09-23
09h56 +00:00
2020-09-23
09h56 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:installbuilder:installbuilder:4.5.0:*:*:*:*:qt:*:*

Informations

Vendor

installbuilder

Product

installbuilder

Version

4.5.0

Target Software

qt

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-31694 2022-11-17 23h00 +00:00 InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer (when the popup triggers the loading of the library). Exploiting these type of vulnerabilities generally require that an attacker has access to a vulnerable machine to plant the malicious DLL.
7.3
Haute
CVE-2020-3979 2020-09-18 15h37 +00:00 InstallBuilder for Qt Windows (versions prior to 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an attacker to plant a malicious library which could result in code execution with the security scope of the installer.
7.8
Haute