// For flags

CVE-2013-1092

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe.

Múltiples vulnerabilidades de búsqueda de ruta Windows sin entrecomillar en Novell ZENworks Desktop Management (ZDM)7 a la versión 7.1, podría permitir a usuarios locales elevar sus privilegios a través de un troyano en la carpeta C:. Relacionado con el intento de ejecutar (1) ZenRem32.exe o (2) wm.exe.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-01-11 CVE Reserved
  • 2013-05-05 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Novell
Search vendor "Novell"
Zenworks Desktop Management
Search vendor "Novell" for product "Zenworks Desktop Management"
7
Search vendor "Novell" for product "Zenworks Desktop Management" and version "7"
-
Affected
Novell
Search vendor "Novell"
Zenworks Desktop Management
Search vendor "Novell" for product "Zenworks Desktop Management"
7.1
Search vendor "Novell" for product "Zenworks Desktop Management" and version "7.1"
-
Affected