CVE-2010-5204 Information

Description

Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory as demonstrated by a directory that contains a .odm .odt .otp .stc .stw .sxg or .sxw file. NOTE: some of these details are obtained from third party information.

Reference

http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/5Bibm_lotus_symphony5D_3-beta-4_insecure_dll_hijacking http://secunia.com/advisories/41400