CVE-2010-3165

EUVD-2010-3165
Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Affected Products (NVD)
VendorProductVersion
yokkasoftdeuxeditor
𝑥
≤ 1.7.1.2
yokkasoftnoeditor
𝑥
≤ 1.33.1.1
yokkasoftouieditor
𝑥
≤ 1.6.1.1
yokkasoftsqleditor8
𝑥
≤ 3.8.1.2
yokkasoftsqleditorclassic
𝑥
≤ 1.8.1.3
yokkasoftsqleditorte
𝑥
≤ 1.9.1.3
yokkasoftsqleditorxp
𝑥
≤ 3.14.1.2
yokkasoftuneditor
𝑥
≤ 1.10.1.2
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN07497935/index.html
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html
http://jvn.jp/en/jp/JVN07497935/index.html
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html