Skip to main content

Untrusted Search Path

CVE-2010-4831

Severity Medium
Score 6.9/10

Summary

Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory.

  • MEDIUM
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

CWE-426 - Untrusted Search Path

The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.

References

Advisory Timeline

  • Published