CVE-2010-4831

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2010-4831
Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory.

6.9 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000072
http://www.securityfocus.com/bid/49449
http://secunia.com/advisories/45815 Vendor Advisory
http://ftp.gnome.org/pub/gnome/sources/gtk+/2.21/gtk+-2.21.8.changes Patch
http://jvn.jp/en/jp/JVN58019849/index.html
http://git.gnome.org/browse/gtk+/commit/gdk/win32/gdkinput-win32.c?h=gtk-2-24&id=88f54ea47d4a55bbbf9e34a7a0502f365eb69ae5&ss=1 Patch
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gtk:gtk\+:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.20.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.20.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.15:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:*:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.13:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.20:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.13:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.13:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.14:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.18:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.17:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.14:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.1.15:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.15:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.1.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.19:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.14:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.14:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.14.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.21.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.11.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.16.6:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.15.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.18.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.12:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.13.5:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.17.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.12.11:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.10.7:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.8.16:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.19.3:*:*:*:*:*:*:*
cpe:2.3:a:gtk:gtk\+:2.1.5:*:*:*:*:*:*:*
Information

Published : 2011-09-06 08:55

Updated : 2011-09-14 21:00

NVD link : CVE-2010-4831

Mitre link : CVE-2010-4831

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

gtk

  • gtk\+