exploitDog

CVE-2010-5239

Опубликовано: 07 сент. 2012

Источник: nvd

CVSS2: 6.9

EPSS Низкий

Описание

Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file. NOTE: some of these details are obtained from third party information.

Комментарий

Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'

Ссылки

http://secunia.com/advisories/41146
Vendor Advisory
http://www.exploit-db.com/exploits/14791/
http://secunia.com/advisories/41146
Vendor Advisory
http://www.exploit-db.com/exploits/14791/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:daemon-tools:daemon_tools:4.35.6.0091:*:lite:*:*:*:*:*

cpe:2.3:a:daemon-tools:daemon_tools:4.36.0309.0160:*:pro_standard:*:*:*:*:*

EPSS

Процентиль: 52%

0.00292

Низкий

6.9 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8427-qx4w-7x27

github

больше 3 лет назад

Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 52%

0.00292

Низкий

6.9 Medium

CVSS2

Дефекты

NVD-CWE-Other