CVE-2012-4883
First published: Fri Sep 07 2012(Updated: )
Multiple untrusted search path vulnerabilities in 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .smg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| 3Dvia Composer | =6.8.1.1652 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4883?
CVE-2012-4883 is classified as a high severity vulnerability due to its potential for privilege escalation by local users.
How do I fix CVE-2012-4883?
To fix CVE-2012-4883, ensure that the dwmapi.dll and ibfs32.dll files are not placed in untrusted directories and update to a secure version of 3DVIA Composer.
Who is affected by CVE-2012-4883?
CVE-2012-4883 affects local users of 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652 on Windows operating systems.
What causes CVE-2012-4883?
CVE-2012-4883 is caused by multiple untrusted search path vulnerabilities that allow loading of malicious DLL files from working directories.
What is the potential impact of exploiting CVE-2012-4883?
Exploiting CVE-2012-4883 can allow an attacker to gain elevated privileges on the affected system.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/3ds
- canonical/3dvia composer
- version/3dvia composer/6.8.1.1652