CVE-2010-5239

2022-10-0316:21:02

[email protected]

web.nvd.nist.gov

cve-2010-5239

untrusted search path vulnerability

daemon tools lite

pro standard

local users

privilege escalation

trojan horse

security issue

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

16.1%

JSON

Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

daemon-toolsdaemon_toolsMatch4.35.6.0091lite

daemon-toolsdaemon_toolsMatch4.36.0309.0160pro_standard

CPENameOperatorVersion
daemon-tools:daemon_toolsdaemon-tools daemon toolseq4.35.6.0091
daemon-tools:daemon_toolsdaemon-tools daemon toolseq4.36.0309.0160