CVE-2013-2604
CVSS7.2
发布时间 :2015-01-12 14:59:01
修订时间 :2015-01-13 15:43:27
NMCOS    

[原文]RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses weak permissions (Create Files/Write Data) for the GameHouse Games directory tree, which allows local users to gain privileges via a Trojan horse DLL in an individual game's directory, as demonstrated by DDRAW.DLL in the Zuma Deluxe directory.


[CNNVD]RealNetworks GameHouse RealArcade Installer 本地任意代码执行漏洞(CNNVD-201309-051)

        GameHouse RealArcade Installer是美国RealNetworks公司的一套游戏门户网站中的下载安装包。
        GameHouse RealArcade Installer中存在本地任意代码执行漏洞。本地攻击者可利用该漏洞在用户运行的受影响应用程序上下文中执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-264 [权限、特权与访问控制]

- CPE (受影响的平台与产品)

cpe:/a:realnetworks:realarcade_installer:3.0.7
cpe:/a:realnetworks:realarcade_installer:2.6.0.481

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2604
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2604
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201309-051
(官方数据源) CNNVD

- 其它链接及资源

https://www.riskbasedsecurity.com/research/RBS-2013-005.pdf
(UNKNOWN)  MISC  https://www.riskbasedsecurity.com/research/RBS-2013-005.pdf
http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf
(UNKNOWN)  MISC  http://www.riskbasedsecurity.com/reports/RBS-GameHouseAnalysis-Sept2013.pdf
http://www.osvdb.org/96918
(UNKNOWN)  OSVDB  96918

- 漏洞信息

RealNetworks GameHouse RealArcade Installer 本地任意代码执行漏洞
代码注入
2013-09-10 00:00:00 2013-09-10 00:00:00
本地  
        GameHouse RealArcade Installer是美国RealNetworks公司的一套游戏门户网站中的下载安装包。
        GameHouse RealArcade Installer中存在本地任意代码执行漏洞。本地攻击者可利用该漏洞在用户运行的受影响应用程序上下文中执行任意代码。

- 公告与补丁

        目前厂商还没有提供此漏洞的相关补丁或者升级程序,建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        http://www.gamehouse.com/

- 漏洞信息

96918
GameHouse RealArcade Installer Default Game Installation Directory Unsafe Permissions Privilege Escalation
Local Access Required Misconfiguration
Loss of Integrity Change Default Setting
Exploit Public RBS Confirmed, No Vendor Response

- 漏洞描述

GameHouse RealArcade Installer contains a flaw, as it by default installs games into '%HOMEDRIVE%\GameHouse Games\' with 'Create Files / Write Data' permissions, allowing unprivileged users to create arbitrary files within the game installation directories. This allows a local attacker to place e.g. a malicious DLL file within a game installation directory, causing it to be loaded when the game is launched and allows gaining privileges similar to any user running the game.

- 时间线

2013-09-05 2013-01-26
Unknow Unknow

- 解决方案

During installation, do not select the default suggested game installation path, but instead one within the %ProgramFiles% path.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GameHouse RealArcade Installer CVE-2013-2604 Local Arbitrary Code Execution Vulnerability
Unknown 62249
No Yes
2013-09-05 12:00:00 2013-09-05 12:00:00
Carsten Eiram of Risk Based Security.

- 受影响的程序版本

- 漏洞讨论

GameHouse RealArcade Installer is prone to a local arbitrary code-execution vulnerability.

Local attackers can exploit this issue to execute arbitrary code within the context of the user running the affected.

- 漏洞利用

An attacker requires local access to the system as an authenticated Windows user to exploit this issue.

- 解决方案

Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站