CVE-2012-5379

HIGH EPSS 65.2%
Published Oct 11, 2012 (13y ago) · Modified Jun 16, 2026 (2w ago)
7.3 CVSS 3.1
High

Description

Untrusted search path vulnerability in the installation functionality in ActivePython 3.2.2.3, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Python27 or C:\Python27\Scripts directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the ActivePython installation.

CVSS Details

Base Score: 7.3
Exploitability: 1.3
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability
65.2% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Affected Products 1

Vendor        Product        Version    Range
activestate   activepython   3.2.2.3    any

References 1

  • htbridge.com https://www.htbridge.com/advisory/HTB23108
    Exploit

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.