9.3

CVE-2011-0029

Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftRemote Desktop Connection Client Version5.2
   MicrosoftWindows Xp Updatesp3
MicrosoftWindows Xp Version- Updatesp2 Editionx64
MicrosoftRemote Desktop Connection Client Version7.0
   MicrosoftWindows Vista Updatesp1
   MicrosoftWindows Vista Updatesp2
   MicrosoftWindows Xp Updatesp3
MicrosoftWindows 7 Version-
   MicrosoftWindows Vista Updatesp1
   MicrosoftWindows Vista Updatesp2
   MicrosoftWindows Xp Updatesp3
MicrosoftWindows Server 2008 Versionr2 Editionitanium
   MicrosoftWindows Vista Updatesp1
   MicrosoftWindows Vista Updatesp2
   MicrosoftWindows Xp Updatesp3
MicrosoftWindows Server 2008 Versionr2 Editionx64
   MicrosoftWindows Vista Updatesp1
   MicrosoftWindows Vista Updatesp2
   MicrosoftWindows Xp Updatesp3
MicrosoftWindows Server 2008 Editionitanium
MicrosoftWindows Server 2008 Updatesp2 Editionx32
MicrosoftWindows Server 2008 Updatesp2 Editionx64
MicrosoftWindows Server 2008 Version- Updatesp2 Editionitanium
MicrosoftWindows Vista Updatesp1
MicrosoftWindows Vista Updatesp2
MicrosoftWindows Xp Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 34.74% 0.969
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.4 1.4 5.9
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H