// For flags

CVE-2010-5254

 

Severity Score

6.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 2009 Home Edition allows local users to gain privileges via a Trojan horse ArmAccess.dll file in the current working directory, as demonstrated by a directory that contains a .gbc or .gbt file. NOTE: some of these details are obtained from third party information.

Vulnerabilidad de ruta de búsqueda no confiable en GFI Backup v3.1 Build 20100730 2009 Home Edition, permite a usuarios locales ganar privilegios a través de un archivo de caballo de troya ArmAccess.dll en el directorio de trabajo actual, como se demostró con un directorio que contiene un archivo .gbc o .gbt. NOTA: algunos de estos detalles han sido obtenidos de fuentes de terceros.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-09-07 CVE Reserved
  • 2012-09-07 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gfi
Search vendor "Gfi"
 Gfi Backup 2009
Search vendor "Gfi" for product "Gfi Backup 2009"
 3.1
Search vendor "Gfi" for product "Gfi Backup 2009" and version "3.1"
home
Affected