Full title: Ubisoft Uplay 4.6 - Insecure File Permissions Local Privilege Escalation Category: local exploits Platform: windows Uplay for PC suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full) for 'Everyone' group, making the entire directory 'Ubisoft Game Launcher' and its files and sub-dirs world-writable. Versions 4.7.3208 and 4.5.2.3010 are affected. # 0day.today @ http://0day.today/