InstallBuilder for Qt Windows (versions before 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an malicious user to plant a malicious library which could result in code execution with the security scope of the installer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
installbuilder installbuilder |