High severity7.8NVD Advisory· Published Feb 24, 2016· Updated Jun 17, 2026
CVE-2016-2542
CVE-2016-2542
Description
Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:flexera:installshield:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:flexera:installshield:*:*:*:*:*:*:*:*range: <2015
- cpe:2.3:a:flexera:installshield:2015:-:*:*:*:*:*:*
- cpe:2.3:a:flexera:installshield:2015:sp1:*:*:*:*:*:*
- (no CPE)range: <=2015 SP1
Patches
Vulnerability mechanics
References
6- www.securityfocus.com/bid/84213nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1035097nvdThird Party AdvisoryVDB Entry
- flexeracommunity.force.com/customer/articles/INFO/Best-Practices-to-Avoid-Windows-Setup-Launcher-Executable-IssuesnvdTechnical DescriptionThird Party Advisory
- www.tenable.com/security/tns-2019-08nvdThird Party Advisory
- us-cert.cisa.gov/ics/advisories/icsa-20-287-03nvd
- www.oracle.com/security-alerts/cpuApr2021.htmlnvd
News mentions
0No linked articles in our index yet.