CVE-2011-0458

Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
googlepicasa
𝑥
≤ 3.6
𝑥
= Vulnerable software versions
References
http://jvn.jp/en/jp/JVN99977321/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022
http://osvdb.org/71281
http://secunia.com/advisories/43853
http://www.securityfocus.com/bid/47031
http://www.vupen.com/english/advisories/2011/0766
https://exchange.xforce.ibmcloud.com/vulnerabilities/66295
http://jvn.jp/en/jp/JVN99977321/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000022
http://osvdb.org/71281
http://secunia.com/advisories/43853
http://www.securityfocus.com/bid/47031
http://www.vupen.com/english/advisories/2011/0766
https://exchange.xforce.ibmcloud.com/vulnerabilities/66295