CVE-2013-0110

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.nvidia.com/object/product-security.html", "name": "http://www.nvidia.com/object/product-security.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/957036", "name": "VU#957036", "tags": ["US Government Resource"], "refsource": "CERT-VN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks \" (double quote) characters in the service path, which allows local users to gain privileges via a Trojan horse program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-0110", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-04-08T16:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nvidia:driver:310.00:-:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:nvidia:driver:*:-:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "307.00"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-04-09T14:19Z"}