CVE-2012-3004
Published Sep 8, 2012
Last updated 12 years ago
Overview
- Description
- Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:realflex:realwin:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "623061FC-5D07-4B73-84D2-7BBAF539F046",
"versionEndIncluding": "2.1.12"
},
{
"criteria": "cpe:2.3:a:realflex:realwin:1.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C400FAA-C8A3-4549-9954-91F19C7BE50F"
},
{
"criteria": "cpe:2.3:a:realflex:realwin:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE107083-8D98-419D-9EEC-8E8067E12201"
},
{
"criteria": "cpe:2.3:a:realflex:realwin:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D51FC22-F25C-4F47-9B38-F9E6CF57E361"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:realflex:flexview:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "695A3D6C-9E33-4FBB-84BD-9B24101C264B",
"versionEndIncluding": "3.1.85"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:realflex:realwindemo:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69276A4F-33C4-4A95-980D-939577FE0CCD",
"versionEndIncluding": "2.1.12"
}
],
"operator": "OR"
}
]
}
]