CVE-2010-3165
Published Oct 25, 2010
Last updated 14 years ago
Overview
- Description
- Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokkasoft:deuxeditor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7341E3E4-0772-46FE-B106-BA88AEF968C0",
"versionEndIncluding": "1.7.1.2"
},
{
"criteria": "cpe:2.3:a:yokkasoft:noeditor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "158F6F31-62AF-4AC1-A36E-D92B91447CD5",
"versionEndIncluding": "1.33.1.1"
},
{
"criteria": "cpe:2.3:a:yokkasoft:ouieditor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0BD832B-39EB-4D60-AB81-9B0816001555",
"versionEndIncluding": "1.6.1.1"
},
{
"criteria": "cpe:2.3:a:yokkasoft:sqleditor8:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EB94F7F-C129-4FD2-A935-50D423CFE533",
"versionEndIncluding": "3.8.1.2"
},
{
"criteria": "cpe:2.3:a:yokkasoft:sqleditorclassic:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F848F664-DADA-4934-BE54-01D602FF6748",
"versionEndIncluding": "1.8.1.3"
},
{
"criteria": "cpe:2.3:a:yokkasoft:sqleditorte:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D6557AE-5A30-4AB6-961C-3EE918661423",
"versionEndIncluding": "1.9.1.3"
},
{
"criteria": "cpe:2.3:a:yokkasoft:sqleditorxp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8AFFFFB6-0190-4295-8DDE-838937D5DF63",
"versionEndIncluding": "3.14.1.2"
},
{
"criteria": "cpe:2.3:a:yokkasoft:uneditor:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FCBD224-6F83-41E7-9C0A-0257452B0170",
"versionEndIncluding": "1.10.1.2"
}
],
"operator": "OR"
}
]
}
]