CVE-2014-1680
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/02/2014
Last modified:
11/04/2025
Description
Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.
Impact
Base Score 2.0
6.90
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:bandisoft:bandizip:*:*:*:*:*:*:*:* | 3.09 (including) | |
cpe:2.3:a:bandisoft:bandizip:3.00:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.01:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.02:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.03:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.04:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.05:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.06:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.07:*:*:*:*:*:*:* | ||
cpe:2.3:a:bandisoft:bandizip:3.08:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/102979
- http://packetstormsecurity.com/files/125059
- http://www.bandisoft.com/bandizip/history
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90966
- http://osvdb.org/102979
- http://packetstormsecurity.com/files/125059
- http://www.bandisoft.com/bandizip/history
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90966