2 matches found
Microsoft Color Control Panel Insecure Library Loading (MS12-012; CVE-2010-5082)
A remote code execution vulnerability has been reported in Microsoft Color Control Panel...
CVE-2010-5082
CVE-2010-5082 affects the Windows Color Control Panel (colorcpl.exe) on Windows Server 2008 SP2, R2, and R2 SP1. The vulnerability stems from insecure library loading where sti.dll can be loaded from the current working directory, enabling privilege escalation when a malicious directory also cont...