CVE-2010-5200
MEDIUM severity · CVSS 6.9
6.9CVSS MEDIUM
Summary
Untrusted search path vulnerability in KeePass Password Safe before 1.18 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .kdb file. NOTE: some of these details are obtained from third party information.
Impact & exploitability
Attack vectorLocal
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)0%
AV:L/AC:M/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Official patch: http://keepass.info/news/n100902_1.18.html ↗