PT-2012-5635 · Dassault Systèmes · 3Dvia Composer

Publicado

2012-09-07

Atualizado

2012-09-17

CVE-2012-4883

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652

Description The issue allows local users to gain privileges via a Trojan horse dwmapi.dll or ibfs32.dll file in the current working directory. This can be demonstrated by a directory that contains a .smg file.

Recommendations For 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652, consider restricting access to the current working directory to prevent the placement of malicious dwmapi.dll or ibfs32.dll files until a patch is available. As a temporary workaround, avoid using directories that contain .smg files.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2012-4883

Produtos afetados

3Dvia Composer

PT-2012-5635 · Dassault Systèmes · 3Dvia Composer

CVE-2012-4883

Identificadores relacionados

Produtos afetados

Referências · 2