Filtered by vendor Absolute
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-16715 | 1 Absolute | 1 Ctes Windows Agent | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable (EXE) or dynamically loadable library (DLL) files, causing elevated (SYSTEM) user access. Configuration control files or data files under this folder could also be similarly modified to affect service process behavior. | |||||
CVE-2009-5151 | 1 Absolute | 1 Computrace Agent | 2018-06-14 | 7.2 HIGH | 6.7 MEDIUM |
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior, independent of later disk changes. | |||||
CVE-2009-5150 | 1 Absolute | 1 Computrace Agent | 2018-06-14 | 7.2 HIGH | 6.7 MEDIUM |
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted. | |||||
CVE-2009-5152 | 1 Absolute | 1 Computrace Agent | 2018-06-14 | 1.9 LOW | 4.1 MEDIUM |
Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file. |