Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-5196HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-5196
2022-10-0316:21:03
Debian Security Bug Tracker
security-tracker.debian.org
10
cve-2010-5196
keepass password safe
untrusted search path
privilege escalation
dwmapi.dll
trojan horse
local users
.kdbx file
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | keepass2 | < 2.47+dfsg-2 | keepass2_2.47+dfsg-2_all.deb |
| Debian | 11 | all | keepass2 | < 2.47+dfsg-2 | keepass2_2.47+dfsg-2_all.deb |
| Debian | 10 | all | keepass2 | < 2.41+dfsg-1 | keepass2_2.41+dfsg-1_all.deb |
| Debian | 999 | all | keepass2 | < 2.47+dfsg-2 | keepass2_2.47+dfsg-2_all.deb |
| Debian | 13 | all | keepass2 | < 2.47+dfsg-2 | keepass2_2.47+dfsg-2_all.deb |
Related
cve
cve
CVE-2010-5196
2022-10-03 16:21:03
prion
prion
Design/Logic Flaw
2012-09-06 10:41:00
cvelist
cvelist
CVE-2010-5196
2022-10-03 16:21:03
nvd
nvd
CVE-2010-5196
2012-09-06 10:41:54
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2010-5196