CVE-2018-6461 (GCVE-0-2018-6461)
Vulnerability from cvelistv5 – Published: 2018-02-05 07:00 – Updated: 2024-08-05 06:01
VLAI
EPSS
VEX
Summary
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
Severity
7.8 (High)
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://hyp3rlinx.altervista.org/advisories/CVS-SU… | x_refsource_MISC |
| http://packetstormsecurity.com/files/146267/WINCV… | x_refsource_MISC |
| http://march-hare.com/cvspro/vulnwincvs.htm | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2018/Feb/24 | mailing-listx_refsource_FULLDISC |
Date Public
2018-02-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://march-hare.com/cvspro/vulnwincvs.htm"
},
{
"name": "20180209 CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/Feb/24"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-19T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://march-hare.com/cvspro/vulnwincvs.htm"
},
{
"name": "20180209 CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/Feb/24"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt"
},
{
"name": "http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html"
},
{
"name": "http://march-hare.com/cvspro/vulnwincvs.htm",
"refsource": "CONFIRM",
"url": "http://march-hare.com/cvspro/vulnwincvs.htm"
},
{
"name": "20180209 CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/Feb/24"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6461",
"datePublished": "2018-02-05T07:00:00.000Z",
"dateReserved": "2018-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:01:49.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-6461",
"date": "2026-07-15",
"epss": "0.0181",
"percentile": "0.76128"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:march-hare:wincvs:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0\", \"versionEndExcluding\": \"2.8.01\", \"matchCriteriaId\": \"305CFA83-FA79-42E9-9B28-081D05D7EB61\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.\"}, {\"lang\": \"es\", \"value\": \"March Hare WINCVS en versiones anteriores a la 2.8.01 build 6610 y CVS Suite en versiones anteriores a la 2009R2 build 6610 contienen una vulnerabilidad de carga insegura de librer\\u00edas en los archivos wincvs2.exe o wincvs.exe. Esto podr\\u00eda permitir que usuarios locales obtengan privilegios mediante un troyano de Python o un archivo DLL TCL en el directorio de trabajo actual.\"}]",
"id": "CVE-2018-6461",
"lastModified": "2024-11-21T04:10:42.650",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2018-02-05T07:29:00.247",
"references": "[{\"url\": \"http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://march-hare.com/cvspro/vulnwincvs.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2018/Feb/24\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://march-hare.com/cvspro/vulnwincvs.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2018/Feb/24\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-426\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-6461\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-02-05T07:29:00.247\",\"lastModified\":\"2024-11-21T04:10:42.650\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.\"},{\"lang\":\"es\",\"value\":\"March Hare WINCVS en versiones anteriores a la 2.8.01 build 6610 y CVS Suite en versiones anteriores a la 2009R2 build 6610 contienen una vulnerabilidad de carga insegura de librer\u00edas en los archivos wincvs2.exe o wincvs.exe. Esto podr\u00eda permitir que usuarios locales obtengan privilegios mediante un troyano de Python o un archivo DLL TCL en el directorio de trabajo actual.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:march-hare:wincvs:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0\",\"versionEndExcluding\":\"2.8.01\",\"matchCriteriaId\":\"305CFA83-FA79-42E9-9B28-081D05D7EB61\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://march-hare.com/cvspro/vulnwincvs.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2018/Feb/24\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://march-hare.com/cvspro/vulnwincvs.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2018/Feb/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…