Vulnerabilities > CVE-2010-5227 - Unspecified vulnerability in Opera
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Opera v10.61 DLL Hijacking Exploit (dwmapi.dll). CVE-2010-5227. Local exploit for windows platform |
file | exploits/windows/local/14732.c |
id | EDB-ID:14732 |
last seen | 2016-02-01 |
modified | 2010-08-24 |
platform | windows |
port | |
published | 2010-08-24 |
reporter | Nicolas Krassas |
source | https://www.exploit-db.com/download/14732/ |
title | Opera 10.61 - DLL Hijacking Exploit dwmapi.dll |
type | local |
Nessus
NASL family | Windows |
NASL id | OPERA_1062.NASL |
description | The version of Opera installed on the remote host is earlier than 10.62. Such versions insecurely look in their current working directory when resolving DLL dependencies, such as for |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 49174 |
published | 2010-09-10 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/49174 |
title | Opera < 10.62 Path Subversion Arbitrary DLL Injection Code Execution |
code |
|