Vulnerabilities > CVE-2013-3485 - Insecure Library Loading Arbitrary Code Execution vulnerability in Lulusoftware Soda PDF 5.1.183.10520

CVSS 6.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

lulusoftware

NVD

Published: 2013-08-30

Updated: 2013-09-05

Summary

Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.10520 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) api-ms-win-core-localregistry-l1-1-0.dll file in the current working directory.

Vulnerable Configurations

Part	Description	Count
Application	Lulusoftware Lulusoftware Soda PDF 5.1.183.10520	1

References

http://secunia.com/advisories/53207