Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2014-5455

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.

  • Published: Aug 25, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-5455
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
privatetunnel / privatetunnel 2.3.8 2.3.8.x
openvpn / openvpn 2.1.28.0 2.1.28.0.x