NVD

Id
16481  
Name
CVE-2010-5272  
Description
Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2012-09-07  
Modified Date
2012-09-07  
Seq
2010-5272  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
92344 16481 CVE-2010-5272 http://www.coresecurity.com/content/altova-databasespy-2011-dwmapi-dll-hijacking-exploit-10-5  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28533 JVNDB-2012-004240 Altova DatabaseSpy における権限を取得される脆弱性 Altova DatabaseSpy には、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。 CVE-2010-5272 47852 CVE-2010-5272 16481 6.9 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004240.html 2012-09-07 2012-09-11 View