CVE-2012-4897

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
vmwaremovie_decoder
𝑥
≤ 7.1.2
vmwaremovie_decoder
6.5.2
vmwaremovie_decoder
6.5.3
vmwaremovie_decoder
6.5.4
vmwaremovie_decoder
6.5.5
vmwaremovie_decoder
7.0
𝑥
= Vulnerable software versions
References
http://archives.neohapsis.com/archives/bugtraq/2012-10/0069.html
http://osvdb.org/85957
http://www.securityfocus.com/bid/55802
http://www.vmware.com/security/advisories/VMSA-2012-0014.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79046
http://archives.neohapsis.com/archives/bugtraq/2012-10/0069.html
http://osvdb.org/85957
http://www.securityfocus.com/bid/55802
http://www.vmware.com/security/advisories/VMSA-2012-0014.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/79046