Lucene search

[email protected]CVE-2010-5221

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5221

2022-10-0316:21:03

[email protected]

web.nvd.nist.gov

cve-2010-5221

untrusted search path

vulnerability

stdu explorer 1.0.201

local users

privileges

trojan horse

dwmapi.dll

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in STDU Explorer 1.0.201 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

stdutilitystdu_explorerMatch1.0.201

CPENameOperatorVersion
stdutility:stdu_explorerstdutility stdu explorereq1.0.201

CPE	Name	Operator	Version
stdutility:stdu_explorer	stdutility stdu explorer	eq	1.0.201

References

packetstormsecurity.org/1010-exploits/stdu-dllhijack.txt

secunia.com/advisories/41845

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-5221

prion1 cvelist1 nvd1