Untrusted search path vulnerability in colorcpl.exe in the Color Control Panel in Microsoft WindowsID: oval:org.secpod.oval:def:3937 | Date: (C)2012-02-09 (M)2022-03-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows Server 2008 or Microsoft Windows Server 2008 R2 and is prone to untrusted search path vulnerability. A flaw is present in the Color Control Panel, which allows dll hijacking via a Trojan horse sti.dll file in the current working directory. Successful exploitation allows attackers to gain privileges.
Platform: |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |