Lucene search

[email protected]CVE-2010-5222

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-5222

2022-10-0316:21:02

[email protected]

web.nvd.nist.gov

cve-2010-5222

vulnerability

ease jukebox 1.40

local users

trojan horse

wmaudsdk.dll

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Ease Jukebox 1.40 allows local users to gain privileges via a Trojan horse wmaudsdk.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 or .wav file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

audiotoolease_jukeboxMatch1.40

CPENameOperatorVersion
audiotool:ease_jukeboxaudiotool ease jukeboxeq1.40

CPE	Name	Operator	Version
audiotool:ease_jukebox	audiotool ease jukebox	eq	1.40

References

secunia.com/advisories/41902

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-5222

prion1 cvelist1 nvd1