9.3

CVE-2010-3138

Exploit
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 26.69% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/67588
http://secunia.com/advisories/41114
Vendor Advisory
http://www.exploit-db.com/exploits/14765
Exploit
http://www.exploit-db.com/exploits/14788
Exploit
http://www.us-cert.gov/cas/techalerts/TA12-045A.html
US Government Resource
http://www.vupen.com/english/advisories/2010/2190
Vendor Advisory
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4956.php
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-014
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7132