Untrusted Search Path Vulnerability in Zend Server by Zend Technologies
CVE-2012-5382
Currently unrated
What is CVE-2012-5382?
An untrusted search path vulnerability exists in the installation functionality of Zend Server when it is installed in the top-level C:\ directory. A local user can place a malicious DLL in a directory that is included in the system's PATH environment variable, specifically C:\Zend\ZendServer\share\ZendFramework\bin. This could lead to privilege escalation, compromising the security of the system. The issue is demonstrated with a Trojan horse DLL, wlbsctrl.dll, and can be leveraged in various Windows environments, including Windows Vista SP1, Windows Server 2008 SP2, and Windows 7 SP1.
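The condition described above can be audited on a host. The following PowerShell is an added example, not code from the advisory or from Zend: it lists machine-level PATH directories (such as C:\Zend\ZendServer\share\ZendFramework\bin) where a principal outside a trusted set can create files, or which are missing and could be created by such a principal. The trusted SID list and the function names are assumptions of this example.

```powershell
# Added example, not vendor code. Coarse check: Allow ACEs only, Deny ACEs ignored.
# Assumption: only these well-known SIDs are trusted to write into PATH directories.
$trusted = @(
    'S-1-5-18',       # SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
$createFiles = [int][System.Security.AccessControl.FileSystemRights]::CreateFiles
$createDirs  = [int][System.Security.AccessControl.FileSystemRights]::CreateDirectories
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType     = [System.Security.Principal.SecurityIdentifier]

function Get-UntrustedWriter {
    param([string]$Path, [int]$Mask)
    # SIDs outside $trusted holding an Allow ACE with a bit of $Mask on $Path itself.
    foreach ($ace in (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs apply to children, not to this directory.
        if (([int]$ace.PropagationFlags -band $inheritOnly) -ne 0) { continue }
        if (([int]$ace.FileSystemRights -band $Mask) -eq 0) { continue }
        if ($trusted -notcontains $ace.IdentityReference.Value) { $ace.IdentityReference.Value }
    }
}

function Test-PathEntry {
    param([string]$Dir)
    $target = $Dir; $mask = $createFiles; $state = 'exists'
    # A missing PATH directory is exposed if someone can create it: check the
    # nearest existing ancestor for the right to create subdirectories.
    while ($target -and -not (Test-Path -LiteralPath $target -PathType Container)) {
        $target = [System.IO.Path]::GetDirectoryName($target)
        $mask = $createDirs; $state = 'missing'
    }
    if (-not $target) { return }
    $sids = @(Get-UntrustedWriter -Path $target -Mask $mask | Select-Object -Unique)
    if ($sids.Count -gt 0) {
        [pscustomobject]@{ PathEntry = $Dir; State = $state
                           CheckedAcl = $target; WritableBy = $sids -join ', ' }
    }
}

# The machine-level PATH applies to every user and to services on the host.
[Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    ForEach-Object { $_.Trim().Trim('"') } | Where-Object { $_ } |
    ForEach-Object { Test-PathEntry -Dir ([Environment]::ExpandEnvironmentVariables($_)) }
```

Run it from an elevated prompt so Get-Acl can read every directory; each row returned is a PATH entry whose ACL should be tightened or which should be removed from PATH.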