Lucene search

[email protected]CVE-2007-6753

HistoryMar 28, 2012 - 7:55 p.m.

CVE-2007-6753

2012-03-2819:55:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-6753

untrusted search path

shell32.dll

microsoft windows

privilege escalation

vulnerability

nvd

7.2 High

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.9%

JSON

Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain privileges via a Trojan horse DLL under the current working directory, as demonstrated by iTunes and Safari.

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_server_2008microsoft windows server 2008eq-
microsoft:windows_vistamicrosoft windows vistaeq*
microsoft:windows_7microsoft windows 7eq*
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_server_2008	microsoft windows server 2008	eq	-
microsoft:windows_vista	microsoft windows vista	eq	*
microsoft:windows_7	microsoft windows 7	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*

References

blog.acrossecurity.com/2010/10/breaking-setdlldirectory-protection.html

secunia.com/advisories/41984

support.microsoft.com/kb/329308

www.securityfocus.com/bid/44484

7.2 High

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.9%

JSON

Related for CVE-2007-6753

prion1