CVE-2010-5203

Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ncp-e:secure_client:*:*:juniper:*:*:*:*:*
cpe:2.3:a:ncp-e:secure_enterprise_client:*:*:*:*:*:*:*:*
cpe:2.3:a:ncp-e:secure_entry_client:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:22

Type Values Removed Values Added
References () http://secunia.com/advisories/41388 - Vendor Advisory () http://secunia.com/advisories/41388 - Vendor Advisory
References () http://www.ncp-e.com/fileadmin/pdf/service_support/NCP_Client_Vulnerability_Statement_EN.pdf - Vendor Advisory () http://www.ncp-e.com/fileadmin/pdf/service_support/NCP_Client_Vulnerability_Statement_EN.pdf - Vendor Advisory

Information

Published : 2012-09-06 10:41

Updated : 2024-11-21 01:22


NVD link : CVE-2010-5203

Mitre link : CVE-2010-5203

CVE.ORG link : CVE-2010-5203


JSON object : View

Products Affected

ncp-e

  • secure_entry_client
  • secure_client
  • secure_enterprise_client