CVE-2012-4755

Name of the Vulnerable Software and Affected Versions SciTools Understand versions prior to 2.6 build 600

Description The issue allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory. This can be demonstrated by a directory that contains a .udb file.

Recommendations For versions prior to 2.6 build 600, update to version 2.6 build 600 or later to resolve the issue. As a temporary workaround, consider restricting access to the current working directory to minimize the risk of exploitation. Avoid using untrusted search paths until the issue is resolved.