CVE Vulnerabilities

CVE-2014-9141

Published: Dec 03, 2014 | Modified: Dec 17, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The installer in Thomson Reuters Fixed Assets CS 13.1.4 and earlier uses weak permissions for connectbgdl.exe, which allows local users to execute arbitrary code by modifying this program.

Affected Software

Name Vendor Start Version End Version
Fixed_assets_cs Thomsonreuters * 13.1.4

References