CVE-2010-5238

Name of the Vulnerable Software and Affected Versions CyberLink PowerDirector version 8.00.3022

Description The issue allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. This can be demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file.

Recommendations For CyberLink PowerDirector version 8.00.3022, consider restricting access to the current working directory to minimize the risk of exploitation. As a temporary workaround, avoid using directories that contain .pdl, .iso, .pds, .p2g, or .p2i files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.