Lucene search
IcscertCVE-2012-3004HistorySep 08, 2012 - 10:28 a.m.
CVE-2012-3004
2012-09-0810:28:20
icscert
web.nvd.nist.gov
24
cve-2012-3004
untrusted search path
vulnerabilities
realflex
realwin
flexview
gain privileges
local users
trojan horse
realwin.dll
keyhook.dll
nvd
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
25.6%
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.
Affected configurations
Node
realflexrealwinRange≤2.1.12
ORrealflexrealwinMatch1.06
ORrealflexrealwinMatch2.0
ORrealflexrealwinMatch2.1
Node
realflexflexviewRange≤3.1.85
Node
realflexrealwindemoRange≤2.1.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| realflex | realwin | * | cpe:2.3:a:realflex:realwin:*:*:*:*:*:*:*:* |
| realflex | realwin | 1.06 | cpe:2.3:a:realflex:realwin:1.06:*:*:*:*:*:*:* |
| realflex | realwin | 2.0 | cpe:2.3:a:realflex:realwin:2.0:*:*:*:*:*:*:* |
| realflex | realwin | 2.1 | cpe:2.3:a:realflex:realwin:2.1:*:*:*:*:*:*:* |
| realflex | flexview | * | cpe:2.3:a:realflex:flexview:*:*:*:*:*:*:*:* |
| realflex | realwindemo | * | cpe:2.3:a:realflex:realwindemo:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-3004
2012-09-08 10:00:00
prion
prion
Design/Logic Flaw
2012-09-08 10:28:00
nvd
nvd
CVE-2012-3004
2012-09-08 10:28:20
ics
ics
RealFlex RealWinDemo DLL Hijack
2014-01-02 12:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
25.6%
Related for CVE-2012-3004