CVE-2010-5243

Name of the Vulnerable Software and Affected Versions Cyberlink Power2Go version 7.0.0.0816

Description The issue allows local users to gain privileges via a Trojan horse dwmapi.dll or MFC71LOC.DLL file in the current working directory. This can be demonstrated by a directory that contains a .p2g, .iso, .pdl, .pds, or .p2i file.

Recommendations For Cyberlink Power2Go version 7.0.0.0816, consider restricting access to untrusted search paths to minimize the risk of exploitation. As a temporary workaround, avoid using directories that contain .p2g, .iso, .pdl, .pds, or .p2i files. At the moment, there is no information about a newer version that contains a fix for this issue.