CVE-2012-0305

Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Published: Jul 23, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-0305
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / backupexec_system_recovery	2010	2010.x
symantec / backupexec_system_recovery	2011	2011.x
symantec / system_recovery	2011	2011.x

http://www.securityfocus.com/bid/54594
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_01

Vulnerability Database

290,273

CVE-2012-0305