[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-1975Date: (C)2011-08-10   (M)2023-12-22


Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
MS11-059
TA11-221A
oval:org.mitre.oval:def:12936

CPE    5
cpe:/o:microsoft:windows_7:-:sp1:x86
cpe:/o:microsoft:windows_7:-:sp1:x64
cpe:/o:microsoft:windows_server_2008:r2::x64
cpe:/o:microsoft:windows_7:-
...
OVAL    2
oval:org.secpod.oval:def:1737
oval:org.secpod.oval:def:1736

© SecPod Technologies