Lucene search

[email protected]CVE-2012-4757

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4757

2022-10-0316:15:34

[email protected]

web.nvd.nist.gov

cve-2012-4757

cyberlink streamauthor

vulnerability

local users

privileges

untrusted search path

trojan horse

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Multiple untrusted search path vulnerabilities in CyberLink StreamAuthor 4.0 build 3308 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .sta or .stp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

cyberlinkstreamauthorMatch4.0build3308

CPENameOperatorVersion
cyberlink:streamauthorcyberlink streamauthoreq4.0

CPE	Name	Operator	Version
cyberlink:streamauthor	cyberlink streamauthor	eq	4.0

References

secunia.com/advisories/49290

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2012-4757

cvelist1 prion1 nvd1