CVE-2011-1338
Published Jul 11, 2011
Last updated 7 years ago
Overview
- Description
- Untrusted search path vulnerability in XnView before 1.98.1 allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item.
- Source
- vultures@jpcert.or.jp
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xnview:xnview:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A98A483F-257F-4B06-A2E3-56CA425EA07D",
"versionEndIncluding": "1.98"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.74:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A195F27B-4B38-4882-B34C-D729CC8ACB99"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC73F60A-D89E-46FE-BA89-EAFE509489D3"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.80.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CA0EDE4-DF5A-4152-B113-75E93910F556"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.80.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2427F9F0-76C3-4C53-A794-6C0E839A1BD9"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.80.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4400B8A-5D9B-4E68-830D-28D70969DDA9"
},
{
"criteria": "cpe:2.3:a:xnview:xnview:1.82:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E21984E-6830-44B9-BFCD-5EFC9886272E"
}
],
"operator": "OR"
}
]
}
]