Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2012-4897
HistoryOct 05, 2012 - 5:55 p.m.

CVE-2012-4897

2012-10-0517:55:00
mitre
web.nvd.nist.gov
26
cve-2012-4897
untrusted search path vulnerability
vmware movie decoder
installer
privilege escalation
nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.

Affected configurations

Nvd
Node
vmwaremovie_decoderRange7.1.2
OR
vmwaremovie_decoderMatch6.5.2
OR
vmwaremovie_decoderMatch6.5.3
OR
vmwaremovie_decoderMatch6.5.4
OR
vmwaremovie_decoderMatch6.5.5
OR
vmwaremovie_decoderMatch7.0
VendorProductVersionCPE
vmwaremovie_decoder*cpe:2.3:a:vmware:movie_decoder:*:*:*:*:*:*:*:*
vmwaremovie_decoder6.5.2cpe:2.3:a:vmware:movie_decoder:6.5.2:*:*:*:*:*:*:*
vmwaremovie_decoder6.5.3cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*
vmwaremovie_decoder6.5.4cpe:2.3:a:vmware:movie_decoder:6.5.4:*:*:*:*:*:*:*
vmwaremovie_decoder6.5.5cpe:2.3:a:vmware:movie_decoder:6.5.5:*:*:*:*:*:*:*
vmwaremovie_decoder7.0cpe:2.3:a:vmware:movie_decoder:7.0:*:*:*:*:*:*:*

Related

nvd 1
nessus 1
prion 1
cvelist 1
securityvulns 2
vmware 1
nvd
nvd
CVE-2012-4897
2012-10-05 17:55:00
nessus
nessus
VMware Movie Decoder < 9.0 Path Subversion Arbitrary DLL Injection Code Execution (VMSA-2012-0014)
2012-11-30 00:00:00
prion
prion
Design/Logic Flaw
2012-10-05 17:55:00
cvelist
cvelist
CVE-2012-4897
2012-10-05 17:00:00
securityvulns
securityvulns
VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates
2012-10-15 00:00:00
VMWare applications security vulnerabilities
2012-10-15 00:00:00
vmware
vmware
VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates
2012-10-04 00:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2012-4897
nvd1nessus1prion1cvelist1securityvulns2vmware1