CVE-2010-2368
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/10/2010
Last modified:
11/04/2025
Description
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:lhaplus:lhaplus:*:*:*:*:*:*:*:* | 1.57 (including) | |
| cpe:2.3:a:lhaplus:lhaplus:1.52:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lhaplus:lhaplus:1.53:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lhaplus:lhaplus:1.55:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lhaplus:lhaplus:1.56:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://jvn.jp/en/jp/JVN82752978/index.html
- http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html
- http://secunia.com/advisories/41742
- http://www.ipa.go.jp/about/press/20101012.html
- http://www7a.biglobe.ne.jp/~schezo/dll_vul.html
- http://jvn.jp/en/jp/JVN82752978/index.html
- http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html
- http://secunia.com/advisories/41742
- http://www.ipa.go.jp/about/press/20101012.html
- http://www7a.biglobe.ne.jp/~schezo/dll_vul.html