CVE-2010-5250

Name of the Vulnerable Software and Affected Versions Pthreads-win32 version 2.8.0

Description The issue is related to an untrusted search path vulnerability in the pthread win32 process attach np function in pthreadGC2.dll. This allows local users to gain privileges via a Trojan horse quserex.dll file in the current working directory.

Recommendations For Pthreads-win32 version 2.8.0, consider restricting access to the pthread win32 process attach np function until a patch is available. As a temporary workaround, avoid using the pthreadGC2.dll in sensitive operations to minimize the risk of exploitation.