CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
25.7%
Multiple untrusted search path vulnerabilities in TuneUp Utilities 2009 8.0.3310 and 2010 9.0.4600 allow local users to gain privileges via a Trojan horse (1) wscapi.dll or (2) vclib32.dll file in the current working directory, as demonstrated by a directory that contains a .tvs file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vendor | Product | Version | CPE |
---|---|---|---|
tuneup | tuneup_utilities_2009 | 8.0.3310 | cpe:2.3:a:tuneup:tuneup_utilities_2009:8.0.3310:*:*:*:*:*:*:* |
tuneup | tuneup_utilities_2010 | 9.0.4600 | cpe:2.3:a:tuneup:tuneup_utilities_2010:9.0.4600:*:*:*:*:*:*:* |