Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Absolute Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16715 1 Absolute 1 Ctes Windows Agent 2019-10-02 6.5 MEDIUM 8.8 HIGH
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable (EXE) or dynamically loadable library (DLL) files, causing elevated (SYSTEM) user access. Configuration control files or data files under this folder could also be similarly modified to affect service process behavior.
CVE-2009-5151 1 Absolute 1 Computrace Agent 2018-06-14 7.2 HIGH 6.7 MEDIUM
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior, independent of later disk changes.
CVE-2009-5150 1 Absolute 1 Computrace Agent 2018-06-14 7.2 HIGH 6.7 MEDIUM
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.
CVE-2009-5152 1 Absolute 1 Computrace Agent 2018-06-14 1.9 LOW 4.1 MEDIUM
Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file.