Untrusted Search Path Vulnerability in KeePass Password Safe by KeePass
CVE-2010-5196

Currently unrated

Key Information:

Vendor

Keepass

Status
Password Safe
Vendor
CVE Published:
6 September 2012

What is CVE-2010-5196?

A local privilege escalation vulnerability exists in KeePass Password Safe prior to version 2.13. This issue allows attackers to exploit an untrusted search path by placing a malicious DwmApi.dll file in the same directory as a .kdbx file. If a local user opens the KeePass application from this directory, the application may load the compromised DLL, potentially leading to unauthorized access and manipulation of sensitive password data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.corelan.be:8800/index.php/2010/08/25/dll-hijac...
x_refsource_MISC
http://www.keepass.info/news/n100906_2.13.html
x_refsource_CONFIRM
http://secunia.com/advisories/41167
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.