QwikSec

Security Database

CVE

CWE

Training

CVE-2010-5272

Published: Sep 7, 2012

Modified: Sep 16, 2024

PUBLISHED

Description

Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.coresecurity.com/content/altova-databasespy-2011-dwmapi-dll-hijacking-exploit-10-5

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.