CVE-2010-5252

Advisory lineage Upstream: 0 Downstream: 1

Downstream

OPENSUSE-SU-2024:10580-1

Modified

Published: 07 Sept 2012, 10:00

Last modified:17 Sept 2024, 01:45

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

6.9 MEDIUM

v2.0 (nvd)

EPSS Score

0.06% LOW

0% probability -0.01%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

07 Sept 2012, 10:00

Published

Vulnerability first disclosed

17 Sept 2024, 01:45

Last Modified

Vulnerability information updated

Description

Untrusted search path vulnerability in HTTrack 3.43-9 allows local users to gain privileges via a Trojan horse httrack-plugin.dll file in the current working directory, as demonstrated by a directory that contains a .whtt file. NOTE: some of these details are obtained from third party information.

CVSS Metrics

v2.0•MEDIUM•Score: 6.9AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.06%• Percentile: 18%

Affected Systems

httrack•httrack
3.43-9

References (2)

http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/
http://secunia.com/advisories/41224