Uninitialized Stack Variable Vulnerability in nxfuse Component of NoMachine

Uninitialized Stack Variable Vulnerability in nxfuse Component of NoMachine

CVE-2018-6947 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

Learn more about our Open Source Audit.