Untrusted Search Path Vulnerability in SmartFTP by SmartSoft
CVE-2010-5219

Currently unrated

Key Information:

Vendor: Smartftp
Status: Smartftp
Vendor: CVE Published:; 6 September 2012

What is CVE-2010-5219?

An untrusted search path vulnerability exists in SmartFTP version 4.0.1140.0 that allows local users to gain elevated privileges if they place a malicious dwmapi.dll file in the current working directory. This attack can be facilitated through the presence of other files such as .txt, .html, or .mpg, creating a potential risk for system integrity. Users are encouraged to review their system configurations and limit the use of untrusted directories, especially when running applications that may utilize these paths.

References

http://secunia.com/advisories/41808

third-party-advisoryx_refsource_SECUNIA

http://packetstormsecurity.org/1010-exploits/smartftp4-dl...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 6, 2012

JSON

Smartftp

What is CVE-2010-5219?

References

Timeline