Untrusted Search Path Vulnerabilities in IBM Lotus Symphony
CVE-2010-5204

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Symphony
Vendor: CVE Published:; 6 September 2012

Summary

Multiple vulnerabilities in IBM Lotus Symphony 1.3.0 allow local users to escalate privileges by exploiting untrusted search paths. These vulnerabilities can be triggered through the presence of malicious DLL files such as eclipse_1114.dll or emser645mi.dll in the current working directory. This security flaw is particularly concerning as it affects various file types, including .odm, .odt, .otp, .stc, .stw, .sxg, and .sxw, potentially leading to unauthorized access and control over the affected system.

References

http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%...

x_refsource_MISC

http://secunia.com/advisories/41400

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 6, 2012