Lucene search
MitreCVE-2010-2368HistoryOct 18, 2010 - 5:00 p.m.
CVE-2010-2368
2010-10-1817:00:03
mitre
web.nvd.nist.gov
32
cve-2010-2368
untrusted search path vulnerability
lhaplus
privilege escalation
trojan horse dll
nvd
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Affected configurations
Node
lhapluslhaplusRange≤1.57
ORlhapluslhaplusMatch1.52
ORlhapluslhaplusMatch1.53
ORlhapluslhaplusMatch1.55
ORlhapluslhaplusMatch1.56
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lhaplus | lhaplus | * | cpe:2.3:a:lhaplus:lhaplus:*:*:*:*:*:*:*:* |
| lhaplus | lhaplus | 1.52 | cpe:2.3:a:lhaplus:lhaplus:1.52:*:*:*:*:*:*:* |
| lhaplus | lhaplus | 1.53 | cpe:2.3:a:lhaplus:lhaplus:1.53:*:*:*:*:*:*:* |
| lhaplus | lhaplus | 1.55 | cpe:2.3:a:lhaplus:lhaplus:1.55:*:*:*:*:*:*:* |
| lhaplus | lhaplus | 1.56 | cpe:2.3:a:lhaplus:lhaplus:1.56:*:*:*:*:*:*:* |
Related
jvn
jvn
JVN#82752978: Lhaplus may insecurely load dynamic libraries
2010-10-12 00:00:00
cvelist
cvelist
CVE-2010-2368
2010-10-18 16:00:00
nvd
nvd
CVE-2010-2368
2010-10-18 17:00:03
prion
prion
Design/Logic Flaw
2010-10-18 17:00:00
openvas
openvas
Lhaplus Untrusted search path Vulnerability
2010-10-22 00:00:00
Lhaplus Untrusted search path Vulnerability
2010-10-22 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2010-2368