Vulnerabilities > Ultraedit

DATE CVE VULNERABILITY TITLE RISK
2020-03-02 CVE-2017-12580 Untrusted Search Path vulnerability in Ultraedit
An issue was discovered in IDM UltraEdit through 24.10.0.32.
6.9
2010-09-16 CVE-2010-3402 DLL Loading Arbitrary Code Execution vulnerability in IDM Computer Solutions UltraEdit 'dwmapi.dll'
Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.
network
ultraedit
critical
9.3
2001-08-31 CVE-2001-0983 Local Security vulnerability in Ultraedit-32
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.
local
low complexity
ultraedit
4.6