CVE-2012-0009
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as demonstrated by a directory that contains a file with an embedded packaged object, aka "Object Packager Insecure Executable Launching Vulnerability."
Una vulnerabilidad de ruta de búsqueda no confiable en la configuracion de Windows Object Packager en Microsoft Windows XP SP2 y SP3 y Server 2003 SP2 permite a usuarios locales conseguir privilegios a través de un archivo troyano ejecutable en el directorio de trabajo actual, como se puede demostrar al tener un directorio que contiene un archivo con una objeto empaquetado incrustado. Se trata de un problema también conocido como "vulnerabilidad de de lanzamiento de ejecutables inseguros de Windows Object Packager".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-11-09 CVE Reserved
- 2012-01-10 CVE Published
- 2024-08-06 CVE Updated
- 2024-10-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/45189 | Third Party Advisory | |
| http://www.securityfocus.com/bid/51297 | Vdb Entry | |
| http://www.securitytracker.com/id?1026494 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA12-010A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14393 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-002 | 2019-02-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows Server 2003 Search vendor "Microsoft" for product "Windows Server 2003" | * | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, professional_x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Affected
| ||||||