An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2019-04-02T15:19:37
Updated: 2024-08-05T04:57:24.476Z
Reserved: 2018-01-02T00:00:00
Link: CVE-2018-3974
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-04-02T16:29:00.327
Modified: 2023-02-02T13:36:29.747
Link: CVE-2018-3974
Redhat
No data.