Lucene search

[email protected]CVE-2010-5197

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5197

2022-10-0316:21:02

[email protected]

web.nvd.nist.gov

cve-2010-5197

pixia

vulnerability

local users

privileges

wintab32.dll

untrusted search path

6.7 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Pixia 4.70j allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pxa file. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

pixiapixiaMatch4.70j

CPENameOperatorVersion
pixia:pixiapixiaeq4.70j

CPE	Name	Operator	Version
pixia:pixia	pixia	eq	4.70j

References

secunia.com/advisories/41176

www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

6.7 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-5197

prion1 cvelist1 nvd1