PT-2012-1440 · Bentley Systems+1 · Mptools.Dll+4
Published
2012-09-07
·
Updated
2012-09-11
·
CVE-2010-5230
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
MicroStation version 7.1
Description
The issue allows local users to gain privileges via a Trojan horse file in the current working directory. This can be achieved by placing a malicious (1)
mptools.dll, (2) baseman.dll, (3) wintab32.dll, or (4) wintab.dll file in a directory that contains a .hln or .rdl file.Recommendations
For MicroStation version 7.1, consider restricting access to the current working directory to prevent malicious files from being placed there, and avoid using untrusted search paths to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Microstation
Baseman.Dll
Mptools.Dll
Wintab.Dll
Wintab32.Dll