CVE-2010-5082

2012-01-1719:55:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

High

EPSS

0.796

Percentile

98.4%

JSON

Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory, as demonstrated by a directory that contains a .camp, .cdmp, .gmmp, .icc, or .icm file, aka “Color Control Panel Insecure Library Loading Vulnerability.”

Affected configurations

Nvd

Node

microsoftwindows_server_2008sp2

microsoftwindows_server_2008Match-sp2

VendorProductVersionCPE
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2008-cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_server_2008	*	cpe:2.3:o:microsoft:windows_server_2008::sp2::::::*
microsoft	windows_server_2008	-	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::