Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0009

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0009
Last Modified 06 Mar 2013 11:50:21
Published 10 Jan 2012 04:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0009

Summary

Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file with an embedded packaged object, aka "Object Packager Insecure Executable Launching Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2003

  • Microsoft Windows Xp


References

MS - MS12-002

SECTRACK - 1026494

BID - 51297

SECUNIA - 45189

CERT - TA12-010A

Related Patches

MS12-002 Security Update for Windows Server 2003 (KB2603381)

MS12-002 Security Update for Windows XP (KB2603381)

MS12-002 Security Update for Windows Server 2003 x64 (KB2603381)


Last Updated: 27 May 2016 10:58:02