WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to drop and load multiple binaries. Standard users can hijack the binary before it's loaded in the application resulting in elevation of privileges. This vulnerability is fixed in 3.14.1 and 4.0.5.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-24T19:38:38.140Z
Updated: 2024-08-13T14:28:49.838Z
Reserved: 2024-03-18T17:07:00.094Z
Link: CVE-2024-29187
Vulnrichment
Updated: 2024-08-02T01:10:54.048Z
NVD
Status : Awaiting Analysis
Published: 2024-03-24T20:15:08.003
Modified: 2024-11-21T09:07:45.380
Link: CVE-2024-29187
Redhat
No data.