Lucene search
IcscertCVE-2015-0978HistoryMar 14, 2015 - 1:59 a.m.
CVE-2015-0978
2015-03-1401:59:10
icscert
web.nvd.nist.gov
34
cve-2015-0978
untrusted search path
eqatec
analytics
win32_vc100
dll
elipse e3
privilege escalation
trojan horse
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
26.6%
Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Elipse E3 4.5.232 through 4.6.161 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory. NOTE: this may overlap CVE-2015-2264.
Affected configurations
Node
elipsee3Match4.5
ORelipsee3Match4.6
Related
cvelist
cvelist
CVE-2015-0978
2015-03-14 01:00:00
CVE-2015-2264
2015-03-13 01:00:00
nvd
nvd
CVE-2015-0978
2015-03-14 01:59:10
CVE-2015-2264
2015-03-13 01:59:34
prion
prion
Design/Logic Flaw
2015-03-14 01:59:00
Directory traversal
2015-03-13 01:59:00
cert
cert
Telerik Analytics Monitor Library allows DLL hijacking
2015-03-10 00:00:00
ics
ics
Elipse E3 Process Control Vulnerability
2018-09-10 12:00:00
Elipse E3 Process Control Vulnerability (Update A)
2018-08-27 12:00:00
cve
cve
CVE-2015-2264
2015-03-13 01:59:34
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
26.6%
Related for CVE-2015-0978