Lucene search
HistoryFeb 24, 2011 - 9:00 p.m.
CVE-2011-0452
CVSS2
6.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Affected configurations
Node
lunascapelunascapeRange≤6.4.2
ORlunascapelunascapeMatch3.0.0
ORlunascapelunascapeMatch3.0.1
ORlunascapelunascapeMatch3.1.0
ORlunascapelunascapeMatch3.5.0
ORlunascapelunascapeMatch3.5.1
ORlunascapelunascapeMatch3.5.2
ORlunascapelunascapeMatch3.5.3
ORlunascapelunascapeMatch3.5.4
ORlunascapelunascapeMatch3.6.0
ORlunascapelunascapeMatch3.6.1
ORlunascapelunascapeMatch3.6.2
ORlunascapelunascapeMatch3.6.3
ORlunascapelunascapeMatch3.6.4
ORlunascapelunascapeMatch3.6.5
ORlunascapelunascapeMatch4.0.0
ORlunascapelunascapeMatch4.0.1
ORlunascapelunascapeMatch4.0.2
ORlunascapelunascapeMatch4.0.3
ORlunascapelunascapeMatch4.0.4
ORlunascapelunascapeMatch4.0.5
ORlunascapelunascapeMatch4.0.6
ORlunascapelunascapeMatch4.0.7
ORlunascapelunascapeMatch4.1.0
ORlunascapelunascapeMatch4.1.1
ORlunascapelunascapeMatch4.1.2
ORlunascapelunascapeMatch4.1.3
ORlunascapelunascapeMatch4.2.0
ORlunascapelunascapeMatch4.2.1
ORlunascapelunascapeMatch4.2.2
ORlunascapelunascapeMatch4.3.0
ORlunascapelunascapeMatch4.3.1
ORlunascapelunascapeMatch4.3.2
ORlunascapelunascapeMatch4.3.3
ORlunascapelunascapeMatch4.5.0
ORlunascapelunascapeMatch4.5.1
ORlunascapelunascapeMatch4.5.2
ORlunascapelunascapeMatch4.6
ORlunascapelunascapeMatch4.6.1
ORlunascapelunascapeMatch4.6.2
ORlunascapelunascapeMatch4.6.3
ORlunascapelunascapeMatch4.6.4
ORlunascapelunascapeMatch4.6.5
ORlunascapelunascapeMatch4.7.0
ORlunascapelunascapeMatch4.7.1
ORlunascapelunascapeMatch4.7.2
ORlunascapelunascapeMatch4.7.3
ORlunascapelunascapeMatch4.7.4
ORlunascapelunascapeMatch4.8.0
ORlunascapelunascapeMatch4.8.1
ORlunascapelunascapeMatch5.0rc3
ORlunascapelunascapeMatch5.0.0
ORlunascapelunascapeMatch5.0.1
ORlunascapelunascapeMatch5.0.2
ORlunascapelunascapeMatch5.0.3
ORlunascapelunascapeMatch5.0.4
ORlunascapelunascapeMatch5.0.5
ORlunascapelunascapeMatch5.1beta
ORlunascapelunascapeMatch5.1.0
ORlunascapelunascapeMatch5.1.1
ORlunascapelunascapeMatch5.1.2
ORlunascapelunascapeMatch5.1.3
ORlunascapelunascapeMatch5.1.4
ORlunascapelunascapeMatch5.1.5
ORlunascapelunascapeMatch5.1.6
ORlunascapelunascapeMatch6.0.0
ORlunascapelunascapeMatch6.0.1
ORlunascapelunascapeMatch6.0.2
ORlunascapelunascapeMatch6.0.3
ORlunascapelunascapeMatch6.1
ORlunascapelunascapeMatch6.1.1
ORlunascapelunascapeMatch6.1.2
ORlunascapelunascapeMatch6.1.3
ORlunascapelunascapeMatch6.1.4
ORlunascapelunascapeMatch6.1.5
ORlunascapelunascapeMatch6.1.6
ORlunascapelunascapeMatch6.1.7
ORlunascapelunascapeMatch6.2
ORlunascapelunascapeMatch6.2.1
ORlunascapelunascapeMatch6.3
ORlunascapelunascapeMatch6.3.1
ORlunascapelunascapeMatch6.3.2
ORlunascapelunascapeMatch6.3.3
ORlunascapelunascapeMatch6.3.4
ORlunascapelunascapeMatch6.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lunascape | lunascape | * | cpe:2.3:a:lunascape:lunascape:*:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.0.0 | cpe:2.3:a:lunascape:lunascape:3.0.0:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.0.1 | cpe:2.3:a:lunascape:lunascape:3.0.1:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.1.0 | cpe:2.3:a:lunascape:lunascape:3.1.0:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.5.0 | cpe:2.3:a:lunascape:lunascape:3.5.0:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.5.1 | cpe:2.3:a:lunascape:lunascape:3.5.1:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.5.2 | cpe:2.3:a:lunascape:lunascape:3.5.2:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.5.3 | cpe:2.3:a:lunascape:lunascape:3.5.3:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.5.4 | cpe:2.3:a:lunascape:lunascape:3.5.4:*:*:*:*:*:*:* |
| lunascape | lunascape | 3.6.0 | cpe:2.3:a:lunascape:lunascape:3.6.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2011-02-24 21:00:00
kaspersky
kaspersky
KLA10246 LPE vulnerability in Lunascape
2011-02-24 00:00:00
cvelist
cvelist
CVE-2011-0452
2011-02-24 20:00:00
jvn
jvn
JVN#38362957: Lunascape may insecurely load executable files
2011-02-23 00:00:00
cve
cve
CVE-2011-0452
2011-02-24 21:00:01
CVSS2
6.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2011-0452