Описание
Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .gmc, .gmg, .gmp, .gms, .gmw, or .opt file.
Комментарий
Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bluemarblegeo:global_mapper:14.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .gmc, .gmg, .gmp, .gms, .gmw, or .opt file.
EPSS
Процентиль: 21%
0.00068
Низкий
6.9 Medium
CVSS2
Дефекты
NVD-CWE-Other