Lucene search

[email protected]NVD:CVE-2015-2264

HistoryMar 13, 2015 - 1:59 a.m.

CVE-2015-2264

2015-03-1301:59:34

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.001

Percentile

26.6%

JSON

Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library before 3.2.125 allow local users to gain privileges via a Trojan horse (a) csunsapi.dll, (b) swift.dll, © nfhwcrhk.dll, or (d) surewarehook.dll file in an unspecified directory.

Affected configurations

Nvd

Node

telerikanalytics_monitor_libraryRange≤3.2.122

VendorProductVersionCPE
telerikanalytics_monitor_library*cpe:2.3:a:telerik:analytics_monitor_library:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
telerik	analytics_monitor_library	*	cpe:2.3:a:telerik:analytics_monitor_library::::::::

References

www.kb.cert.org/vuls/id/794095

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

0.001

Percentile

26.6%

JSON

Related for NVD:CVE-2015-2264

cvelist2 prion2 cve2 nvd1