CVE-2010-3165

Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
yokkasoftdeuxeditor
𝑥
≤ 1.7.1.2
yokkasoftnoeditor
𝑥
≤ 1.33.1.1
yokkasoftouieditor
𝑥
≤ 1.6.1.1
yokkasoftsqleditor8
𝑥
≤ 3.8.1.2
yokkasoftsqleditorclassic
𝑥
≤ 1.8.1.3
yokkasoftsqleditorte
𝑥
≤ 1.9.1.3
yokkasoftsqleditorxp
𝑥
≤ 3.14.1.2
yokkasoftuneditor
𝑥
≤ 1.10.1.2
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN07497935/index.html
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html
http://jvn.jp/en/jp/JVN07497935/index.html
http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html