Vulnerabilities > CVE-2012-5188 - Arbitrary Code Execution vulnerability in Labelgate Mora Downloader 1.0.0.0

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

labelgate

critical

NVD

Published: 2013-02-14

Updated: 2013-02-19

Summary

Untrusted search path vulnerability in mora Downloader before 1.0.0.1 allows remote attackers to trigger the launch of a .exe file via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Vulnerable Configurations

Part	Description	Count
Application	Labelgate Labelgate Mora Downloader 1.0.0.0	1

References

http://jvn.jp/en/jp/JVN91387819/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000006
http://mora.jp/help/information?60