ASA-2019-00312 – NVIDIA GeForce Experience: Vulnerability in the Web Helper component

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00312

Identifier(s)

ASA-2019-00312, CVE-2019-5678

Title

Vulnerability in the Web Helper component

Vendor(s)

NVIDIA

Product(s)

NVIDIA GeForce Experience

Affected version(s)

NVIDIA GeForce Experience versions prior to 3.19 running on Windows

Fixed version(s)

NVIDIA GeForce Experience 3.19

Proof of concept

Unknown

Description

NVIDIA GeForce Experience contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure.

Technical details

Unknown

Credits

David Yesland (Rhino Security Labs)

Reference(s)

Security Bulletin: NVIDIA GeForce Experience – May 2019
https://nvidia.custhelp.com/app/answers/detail/a_id/4806

CVE‑2019‑5678
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE‑2019‑5678

CVE‑2019‑5678
https://nvd.nist.gov/vuln/detail/CVE‑2019‑5678

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: June 5, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.