Search criteria
12 vulnerabilities found for threading_building_blocks by intel
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5682 (GCVE-0-2017-5682)
Vulnerability from nvd – Published: 2017-02-28 19:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2 |
Affected:
Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-02T10:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2017-5682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
"version": {
"version_data": [
{
"version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5682",
"datePublished": "2017-02-28T19:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:48.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5269 (GCVE-0-2010-5269)
Vulnerability from nvd – Published: 2012-09-07 10:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-07T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42506"
},
{
"name": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5269",
"datePublished": "2012-09-07T10:00:00Z",
"dateReserved": "2012-09-07T00:00:00Z",
"dateUpdated": "2024-09-16T20:22:52.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2023-35121
Vulnerability from fkie_nvd - Published: 2024-02-14 14:16 - Updated: 2026-01-14 18:13
Severity ?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "El control de acceso inadecuado en algunos software del compilador Intel(R) oneAPI DPC++/C++ anterior a la versi\u00f3n 2023.2.1 puede permitir que el usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-35121",
"lastModified": "2026-01-14T18:13:19.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:16:00.123",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-29162
Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:27
Severity ?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "Las restricciones inadecuadas del b\u00fafer en algunos compiladores Intel(R) C++ Classic anteriores a la versi\u00f3n 2021.8 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-29162",
"lastModified": "2026-01-14T18:27:26.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:15:49.777",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2017-5682
Vulnerability from fkie_nvd - Published: 2017-02-28 19:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/96482 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96482 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070&languageid=en-fr | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | 2017 | |
| intel | cryptography_for_intel_integrated_performance_primitives | 2017 | |
| intel | data_analytics_acceleration_library | 2017 | |
| intel | inspector | 2017 | |
| intel | integrated_performance_primitives | 2017 | |
| intel | math_kernel_library | 2017 | |
| intel | mpi_library | 2017 | |
| intel | parallel_studio_xe | 2017 | |
| intel | system_studio | 2017 | |
| intel | threading_building_blocks | 2017 | |
| intel | trace_analyzer_and_collector | 2017 | |
| intel | vtune_amplifier | 2017 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "83E6F5FC-D325-4C8C-82E9-82B5FFCEB083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cryptography_for_intel_integrated_performance_primitives:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "91AFB020-6F26-4D0D-A373-5E6341975421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:data_analytics_acceleration_library:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "B40F7BDC-1317-480B-9B23-1F13758543D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "D9644872-437C-4AD5-9D7C-811E527CC13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "B67785D4-D084-4C3E-81E6-B6C5BD110885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:math_kernel_library:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "7B94882E-342F-4D87-A0D2-6F0C9282B096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "6B60FA44-7160-4D1A-98AE-744FC2C91B88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:parallel_studio_xe:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DFA92D-02DD-4623-A7A5-B7780CE24996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:system_studio:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "1314F593-5448-4458-A7FF-A479909C0147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "096729CA-6729-480D-BEDD-B294DCB3B789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "73D61D38-EC35-4C15-996C-28484709A42D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_amplifier:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A8F80A-95C3-44A1-BB71-8E1A3581B8D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
},
{
"lang": "es",
"value": "Intel PSET Application Install wrapper de Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer y Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library y Intel Threading Building Blocks en versiones anteriores a 2017 Update 2 permite a un atacante iniciar un proceso con privilegios escalados."
}
],
"id": "CVE-2017-5682",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-28T19:59:00.160",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96482"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5269
Vulnerability from fkie_nvd - Published: 2012-09-07 10:32 - Updated: 2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | threading_building_blocks | 2.2.013 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:2.2.013:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A83EB7-21B2-4980-BD53-824FAC12EDFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en tbb.dll en Intel Threading Building Blocks (TBB) v2.2.013, permite a usuarios locales ganar privilegios a trav\u00e9s de un archivo tbbmalloc.dll caballo de troya que se encuentre en el mismo directorio de trabajo, como se demostr\u00f3 con un directorio que contiene un archivo .pbk. NOTA: algunos de estos detalles han sido obtenidos de fuentes de terceros."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2010-5269",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-09-07T10:32:23.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42506"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5682 (GCVE-0-2017-5682)
Vulnerability from cvelistv5 – Published: 2017-02-28 19:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2 |
Affected:
Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
}
]
}
],
"datePublic": "2017-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-02T10:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2017-5682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2",
"version": {
"version_data": [
{
"version_value": "Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, Intel Threading Building Blocks Before 2017 Update 2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives, Intel Math Kernel Library, Intel Data Analytics Acceleration Library, and Intel Threading Building Blocks before 2017 Update 2 allows an attacker to launch a process with escalated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00070\u0026languageid=en-fr"
},
{
"name": "96482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2017-5682",
"datePublished": "2017-02-28T19:00:00",
"dateReserved": "2017-02-01T00:00:00",
"dateUpdated": "2024-08-05T15:11:48.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5269 (GCVE-0-2010-5269)
Vulnerability from cvelistv5 – Published: 2012-09-07 10:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-07T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42506"
},
{
"name": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/adobe-pixel-bender-toolkit-tbbmalloc-dll-hijacking-exploit-10-5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5269",
"datePublished": "2012-09-07T10:00:00Z",
"dateReserved": "2012-09-07T00:00:00Z",
"dateUpdated": "2024-09-16T20:22:52.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}