CVE-2010-5082 Information

Description

Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory as demonstrated by a directory that contains a .camp .cdmp .gmmp .icc or .icm file aka \Color Control Panel Insecure Library Loading Vulnerability.\

Reference

http://shinnai.altervista.org/exploits/SH-006-20100914.html http://www.us-cert.gov/cas/techalerts/TA12-045A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-012 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14446