Lucene search

[email protected]CVE-2012-4880

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4880

2022-10-0316:15:33

[email protected]

web.nvd.nist.gov

cve-2012-4880

dvd architect pro

dvd architect studio

untrusted search path

vulnerability

local privileges

trojan horse

enc_mp2v.200

cfhddecoder.dll

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

sonydvd_architect_proMatch5.2

sonydvd_architect_studioMatch5.0

CPENameOperatorVersion
sony:dvd_architect_prosony dvd architect proeq5.2
sony:dvd_architect_studiosony dvd architect studioeq5.0

CPE	Name	Operator	Version
sony:dvd_architect_pro	sony dvd architect pro	eq	5.2
sony:dvd_architect_studio	sony dvd architect studio	eq	5.0

References

secunia.com/advisories/47282

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2012-4880

cvelist1 nvd1 prion1