CVE-2013-0110

nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:C/I:C/A:C
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
nvidiadriver
𝑥
≤ 307.00
nvidiadriver
310.00
𝑥
= Vulnerable software versions
References
http://www.kb.cert.org/vuls/id/957036
http://www.nvidia.com/object/product-security.html
http://www.kb.cert.org/vuls/id/957036
http://www.nvidia.com/object/product-security.html