Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5082

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2010-5082
Last Modified 15 Nov 2013 12:31:42
Published 17 Jan 2012 02:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2010-5082

Summary

Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory, as demonstrated by a directory that contains a .camp, .cdmp, .gmmp, .icc, or .icm file, aka "Color Control Panel Insecure Library Loading Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 Sp2


References

MISC - http://shinnai.altervista.org/exploits/SH-006-20100914.html

MS - MS12-012

CERT - TA12-045A

Related Patches

MS12-012 Security Update for Windows Server 2008 (KB2643719)

MS12-012 Security Update for Windows Server 2008 x64 (KB2643719)

MS12-012 Security Update for Windows Server 2008 R2 x64 (KB2643719)


Last Updated: 27 May 2016 10:56:28