Medium severity5.5NVD Advisory· Published Oct 1, 2018· Updated Jun 17, 2026
CVE-2015-9267
CVE-2015-9267
Description
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <2.49
Patches
Vulnerability mechanics
References
3- sourceforge.net/p/nsis/bugs/1125/nvdExploitIssue TrackingPatchThird Party Advisory
- jvn.jp/en/jp/JVN68418039/index.htmlnvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/11/msg00041.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.