VYPR

Windows Installer

by Microsoft

CVEs (46)

  • CVE-2020-0686Feb 11, 2020
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683.

  • CVE-2019-1415Nov 12, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of…

  • CVE-2019-1270Sep 11, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'.

  • CVE-2019-0973Jun 12, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An…

  • CVE-2015-2371Jul 14, 2015
    risk 0.00cvss epss 0.02

    The Windows Installer service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a…

  • CVE-2014-1814Aug 12, 2014
    risk 0.00cvss epss 0.02

    The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application…

Page 3 of 3