Insufficient data validation in Installer in Google Chrome on Windows prior to 1.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink. RenderDoc through 1.26 allows local privilege escalation via a symlink attack.
0 Comments
Leave a Reply. |