← Back

CVE-2014-5453

nvd nist
Published: Aug 25, 2014Modified: May 6, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privileges via a Trojan horse file.

Affected (2)

Products: Ubi: Uplay Pc
Ubi
1 product
Uplay Pc
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Ubi
Uplay Pc
Up to 4.6.3208
Uplay Pc
Version 4.5.2.3010

Related CWEs

CWE-264
CWE-264

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.