Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0009


Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0009
Last Modified 06 Mar 2013 11:50:21
Published 10 Jan 2012 04:55:03
Confidentiality Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file with an embedded packaged object, aka "Object Packager Insecure Executable Launching Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2003

  • Microsoft Windows Xp


MS - MS12-002

SECTRACK - 1026494

BID - 51297

SECUNIA - 45189

CERT - TA12-010A

Related Patches

MS12-002 Security Update for Windows Server 2003 (KB2603381)

MS12-002 Security Update for Windows XP (KB2603381)

MS12-002 Security Update for Windows Server 2003 x64 (KB2603381)

Last Updated: 27 May 2016 10:58:02