Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3004

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-3004
Last Modified 10 Sep 2012 12:00:00
Published 08 Sep 2012 06:28:20
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3004

Summary

Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.

Vulnerable Systems

Application

  • Realflex Flexview 3.1.85

  • Realflex Realwin 1.06

  • Realflex Realwin 2.0

  • Realflex Realwin 2.1

  • Realflex Realwin 2.1.12

  • Realflex Realwindemo 2.1.12


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-251-01.pdf


Last Updated: 27 May 2016 11:00:32