CVE-2011-5158 in DATEV Grundpaket Basisinfo

Summary

Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DATEV Grundpaket Basis CD23.20 allow local users to gain privileges via a Trojan horse (1) DVBSKNLANG101.dll or (2) DvZediTermSrvInfo004.dll file in the current working directory, as demonstrated by a directory that contains a .dmt, .adl, .c02, .dof, or .jrf file. NOTE: some of these details are obtained from third party information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

09/07/2012

Disclosure

09/07/2012

Moderation

VulDB entry created

Entries

VDB-62172 (1)

CPE

ready

CWE

CWE-426 (Confirmed)

CVSS

8.4

EPSS

0.00454

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-5158
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-5158
CVE Details	https://www.cvedetails.com/cve/CVE-2011-5158/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!