Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Lunascape
  • Lunascape

Configuration 1 [-]

OR cpe:2.3:a:lunascape:lunascape:*:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:4.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.0:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.0:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.3:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.4:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.5:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.6:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.1.7:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.2:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.3:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:lunascape:lunascape:6.3.2:*:*:*:*:*:*:*
References
Link Resource
http://help.lunascape.tv/LunascapeHelp-en/page.aspx?pageid=ver_6_4_11
http://jvn.jp/en/jp/JVN94695018/296426/index.html
http://jvn.jp/en/jp/JVN94695018/index.html
http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000004.html
http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2011.2F01.2F19_ver_6.4.1
http://osvdb.org/70604
http://secunia.com/advisories/43003 Vendor Advisory
http://www.securityfocus.com/bid/45945
https://exchange.xforce.ibmcloud.com/vulnerabilities/64849
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2011-01-24T17:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-10-12T00:00:00

Link: CVE-2010-3927

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2011-01-24T18:00:03.610

Modified: 2017-08-17T01:33:04.977

Link: CVE-2010-3927

JSON object: View

cve-icon Redhat Information

No data.

CWE