CVE-2010-3181

2010-10-2119:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2010-3181

untrusted search path

mozilla firefox

thunderbird

seamonkey

windows

privilege escalation

nvd

6.1 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

13.4%

JSON

Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq3.6.2
mozilla:firefoxmozilla firefoxeq3.6.3
mozilla:firefoxmozilla firefoxeq3.6.8
mozilla:firefoxmozilla firefoxeq3.6.9
mozilla:firefoxmozilla firefoxeq3.6.6
mozilla:firefoxmozilla firefoxeq3.6.10
mozilla:firefoxmozilla firefoxeq3.6.7
mozilla:firefoxmozilla firefoxeq3.6.4
mozilla:firefoxmozilla firefoxeq3.6
mozilla:seamonkeymozilla seamonkeyeq1.1.10

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	3.6.2
mozilla:firefox	mozilla firefox	eq	3.6.3
mozilla:firefox	mozilla firefox	eq	3.6.8
mozilla:firefox	mozilla firefox	eq	3.6.9
mozilla:firefox	mozilla firefox	eq	3.6.6
mozilla:firefox	mozilla firefox	eq	3.6.10
mozilla:firefox	mozilla firefox	eq	3.6.7
mozilla:firefox	mozilla firefox	eq	3.6.4
mozilla:firefox	mozilla firefox	eq	3.6
mozilla:seamonkey	mozilla seamonkey	eq	1.1.10