PT-2010-4610 · Yokka+4 · Yokka Noeditor+7
Makoto Shiotsuki · Published 2010-10-25 · Updated 2010-10-27 · CVE-2010-3165
CVSS v2.0: 6.9 Medium
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Yokka NoEditor versions 1.33.1.1 and earlier
OuiEditor versions 1.6.1.1 and earlier
UnEditor versions 1.10.1.2 and earlier
DeuxEditor versions 1.7.1.2 and earlier
SQLEditorXP versions 3.14.1.2 and earlier
SQLEditorTE versions 1.9.1.3 and earlier
SQLEditor8 versions 3.8.1.2 and earlier
SQLEditorClassic versions 1.8.1.3 and earlier
Description
An untrusted search path vulnerability allows local users to gain privileges via a Trojan horse executable file in the current working directory.
Recommendations
Yokka NoEditor versions 1.33.1.1 and earlier: Update to a version later than 1.33.1.1 to resolve the issue.
OuiEditor versions 1.6.1.1 and earlier: Update to a version later than 1.6.1.1 to resolve the issue.
UnEditor versions 1.10.1.2 and earlier: Update to a version later than 1.10.1.2 to resolve the issue.
DeuxEditor versions 1.7.1.2 and earlier: Update to a version later than 1.7.1.2 to resolve the issue.
SQLEditorXP versions 3.14.1.2 and earlier: Update to a version later than 3.14.1.2 to resolve the issue.
SQLEditorTE versions 1.9.1.3 and earlier: Update to a version later than 1.9.1.3 to resolve the issue.
SQLEditor8 versions 3.8.1.2 and earlier: Update to a version later than 3.8.1.2 to resolve the issue.
SQLEditorClassic versions 1.8.1.3 and earlier: Update to a version later than 1.8.1.3 to resolve the issue.
Fix
Related Identifiers
Affected Products
Deuxeditor
Ouieditor
Sqleditor8
Sqleditorclassic
Sqleditorte
Sqleditorxp
Ueditor
Yokka Noeditor