Vulnerability Description
Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as the current working directory. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xtremerat | Xtremerat | 3.5 |
References
- http://packetstormsecurity.org/files/110949/Xtreme-RAT-DLL-Hijack.htmlExploit
- http://www.securityfocus.com/bid/52542Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74151
- http://packetstormsecurity.org/files/110949/Xtreme-RAT-DLL-Hijack.htmlExploit
- http://www.securityfocus.com/bid/52542Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74151
FAQ
What is CVE-2012-4866?
CVE-2012-4866 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as...
How severe is CVE-2012-4866?
CVE-2012-4866 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4866?
Check the references section above for vendor advisories and patch information. Affected products include: Xtremerat Xtremerat.