Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-29081

A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023 R2. This vulnerability may allow locally authenticated users to cause a Denial of Service (DoS) condition when handling move operations on local, temporary folders.

Published

2024-01-26T20:15:54.187

Last Modified

2024-11-21T07:56:30.530

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-276
Type: Primary
CWE-276

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	flexera	installshield	2016	Yes
Application	flexera	installshield	2016	Yes
Application	flexera	installshield	2016	Yes
Application	flexera	installshield	2017	Yes
Application	flexera	installshield	2017	Yes
Application	flexera	installshield	2018	Yes
Application	flexera	installshield	2018	Yes
Application	flexera	installshield	2018	Yes
Application	flexera	installshield	2019	Yes
Application	flexera	installshield	2019	Yes
Application	flexera	installshield	2019	Yes
Application	flexera	installshield	2020	Yes
Application	flexera	installshield	2020	Yes
Application	flexera	installshield	2020	Yes
Application	flexera	installshield	2020	Yes
Application	flexera	installshield	2021	Yes
Application	flexera	installshield	2021	Yes
Application	flexera	installshield	2022	Yes
Application	flexera	installshield	2022	Yes
Application	flexera	installshield	2023	Yes

References

https://community.flexera.com/t5/InstallShield-Knowledge-Base/CVE-2023-29081-InstallShield-Symlink-Vulnerability-Affecting/ta-p/305052 Third Party Advisory ([email protected])
https://community.flexera.com/t5/InstallShield-Knowledge-Base/CVE-2023-29081-InstallShield-Symlink-Vulnerability-Affecting/ta-p/305052 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)