Lucene search

K
cve[email protected]CVE-2010-5248
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5248

2022-10-0316:21:02
web.nvd.nist.gov
23
ultravnc
cve-2010-5248
search path vulnerability
local users
privileges
vnclang.dll
trojan horse

6.7 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local users to gain privileges via a Trojan horse vnclang.dll file in the current working directory, as demonstrated by a directory that contains a .vnc file. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD
Node
ultravncultravncMatch1.0.8.2
CPENameOperatorVersion
ultravnc:ultravncultravnceq1.0.8.2

6.7 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

Related for CVE-2010-5248