Untrusted Search Path Vulnerability in GFI Backup 3.1 Home Edition
CVE-2010-5254

Currently unrated

Key Information:

Vendor: Gfi
Status: Gfi Backup 2009
Vendor: CVE Published:; 7 September 2012

What is CVE-2010-5254?

The untrusted search path vulnerability in GFI Backup 3.1 Home Edition allows local users to exploit privileged access by placing a malicious ArmAccess.dll file in the current working directory. This is facilitated by the presence of certain file types, such as .gbc or .gbt files. Attackers can leverage this vulnerability to execute arbitrary code with elevated privileges, leading to potential system compromise. Users should be aware of this risk and take necessary precautions to secure their environments.

References

http://www.corelan.be:8800/index.php/2010/08/25/dll-hijac...

x_refsource_MISC

http://secunia.com/advisories/41226

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 7, 2012

Gfi

What is CVE-2010-5254?

References

Timeline