Filtered by vendor Pronestor
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17390 | 1 Pronestor | 1 Planner | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359. | |||||
CVE-2018-19113 | 1 Pronestor | 1 Pronestor Health Monitoring | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file. |