AI Score
Confidence
High
EPSS
Percentile
59.3%
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.
jvn.jp/en/jp/JVN68418039/index.html
lists.debian.org/debian-lts-announce/2018/11/msg00041.html
sourceforge.net/p/nsis/bugs/1125/