Lucene search

[email protected]CVE-2013-0727

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0727

2022-10-0316:15:03

[email protected]

web.nvd.nist.gov

cve-2013-0727

untrusted search path

global mapper 14.1.0

privileges

vulnerability

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .gmc, .gmg, .gmp, .gms, .gmw, or .opt file.

Affected configurations

NVD

Node

bluemarblegeoglobal_mapperMatch14.1.0

CPENameOperatorVersion
bluemarblegeo:global_mapperbluemarblegeo global mappereq14.1.0

CPE	Name	Operator	Version
bluemarblegeo:global_mapper	bluemarblegeo global mapper	eq	14.1.0

References

secunia.com/advisories/51510

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2013-0727

cvelist1 nvd1 prion1