NoMachine prior to 5.3.27 and 6.x prior to 6.3.6 allows malicious users to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nomachine nomachine |