CVE-2015-4674 Information
Feb 14, 2021
cve
Description
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.
Reference
http://seclists.org/fulldisclosure/2015/Jun/105 http://www.securityfocus.com/archive/1/535881/100/700/threaded http://www.securityfocus.com/bid/75572
Share on: