CVE-2012-5378

Name of the Vulnerable Software and Affected Versions ActiveTcl version 8.5.12

Description The issue concerns an untrusted search path vulnerability in the installation functionality. This vulnerability allows local users to gain privileges via a Trojan horse DLL in the C:TDbin directory. The vulnerability is demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in various Windows versions.

Recommendations For ActiveTcl version 8.5.12, consider removing the C:TDbin directory from the PATH system environment variable to prevent exploitation. As a temporary workaround, restrict access to the C:TDbin directory to minimize the risk of a Trojan horse DLL being loaded.