CVE-2010-5082
Description
Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory, as demonstrated by a directory that contains a .camp, .cdmp, .gmmp, .icc, or .icm file, aka Color Control Panel Insecure Library Loading Vulnerability.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
44.271
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| ms12-012: vulnerability in color control panel could allow remote code execution: february 14, 2012 for Windows Server 2008 (KB2643719) | Windows |
| ms12-012: vulnerability in color control panel could allow remote code execution: february 14, 2012 for Windows Server 2008 x64 Edition (KB2643719) | Windows |
| ms12-012: vulnerability in color control panel could allow remote code execution: february 14, 2012 for Windows Server 2008 R2 x64 Edition (KB2643719) | Windows |
| ms12-012: vulnerability in color control panel could allow remote code execution: february 14, 2012 for Windows Server 2008 R2 x64 Edition (KB2643719) for SP1 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-11526 | Security Update for Windows Server 2008 R2 x64 Edition (KB2643719) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234