Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-15396

Disclosure Date: June 30, 2020 (last updated November 08, 2023)
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0