Untrusted Search Path Vulnerability in IBM Lotus Expeditor
CVE-2012-0187

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Expeditor
Vendor: CVE Published:; 22 June 2012

Summary

Local users can exploit a vulnerability in IBM Lotus Expeditor by placing a malicious DLL file in the current working directory. This allows them to gain elevated privileges on the system, creating a security risk for users and administrators. The vulnerability affects versions 6.1.x and 6.2.x prior to 6.2 FP5+Security Pack, making timely updates essential for maintaining security.

References

http://www.ibm.com/support/docview.wss?uid=swg21575642

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/72097

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 22, 2012
Vulnerability Reserved
Dec 14, 2011