Untrusted Search Path Vulnerabilities in NCP Secure Enterprise Client Products
CVE-2010-5203

Currently unrated

Key Information:

Vendor: Ncp-e
Status: Secure Client; Secure Enterprise Client; Secure Entry Client
Vendor: CVE Published:; 6 September 2012

What is CVE-2010-5203?

Multiple untrusted search path vulnerabilities exist in NCP Secure Enterprise Client and its variants, enabling local users to escalate their privileges. By leveraging specific DLL files (such as dvccsabase002.dll, conman.dll, kmpapi32.dll, and ncpmon2.dll) placed in the current working directory, attackers can exploit these vulnerabilities. This exploitation method may potentially allow the execution of untrusted code when the client loads these malicious libraries, particularly in scenarios where .pcf or .spd files are present, posing a serious security risk to users and organizations relying on these applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ncp-e.com/fileadmin/pdf/service_support/NCP_Cl...

x_refsource_CONFIRM

http://secunia.com/advisories/41388

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 6, 2012

JSON

Ncp-e

What is CVE-2010-5203?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.