CVE-2010-3162

Published Oct 25, 2010

Last updated 3 months ago

CVSS info 6.9

Overview

Description: Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B65DBC7-FB43-4F6D-82D4-D4AFA45889D3",
            "versionEndIncluding": "3.70"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7096C6D9-080B-498E-B694-297C34E133A7"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:1.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A242E09A-C6DB-4B0C-9E9F-F535A23ECF7F"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20B5AB7E-FD8A-4677-8C1D-5919F0CC9A1B"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B40DD8B1-1217-4F01-A660-BEF096861A1F"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5044E01-9429-4EF4-A071-C9A97664D98D"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41A126E7-6365-408E-86A5-CB1AF304E062"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BE69F49-35B9-4EBA-805C-D615FD6663C6"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D3F4CD7-38B5-4618-A76D-0619262CDAB6"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BBF560D-691D-42FB-BC0C-FA84C48B181D"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B946CFEC-8C8A-4550-88AC-87E3C31D05CC"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:2.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C915C9A-8695-4F38-9E19-12AACCF29F2B"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:3.00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAB46FC7-6E64-40A0-BE5D-E104DAACFF11"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A8812F0-3D50-4BC0-A35A-350184B86DFB"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:3.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E15A55F-99FA-4918-A8CD-03CC4450C72E"
          },
          {
            "criteria": "cpe:2.3:a:masahiko_watanabe:apsaly:3.60:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F3ABDBE-E950-49D0-BE8C-26A195084193"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References