Lucene search

K
cve[email protected]CVE-2010-5240
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5240

2022-10-0316:21:03
web.nvd.nist.gov
18
cve-2010-5240
corel
photo-paint
coreldraw
x5
15.1.0.588
untrusted search path
vulnerabilities
local users
gain privileges
dwmapi.dll
crlrib.dll
trojan horse

6.9 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.931 High

EPSS

Percentile

99.1%

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
corelcoreldraw_x5Match15.1.0.588
OR
corelphoto-paint_x3Match13.0.0.576

6.9 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.931 High

EPSS

Percentile

99.1%

Related for CVE-2010-5240