Vulnerability Details : CVE-2012-5188
Untrusted search path vulnerability in mora Downloader before 1.0.0.1 allows remote attackers to trigger the launch of a .exe file via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2012-5188
Probability of exploitation activity in the next 30 days: 0.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-5188
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2012-5188
-
http://jvn.jp/en/jp/JVN91387819/index.html
JVN#91387819: mora Downloader may insecurely load executable files
-
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000006
JVNDB-2013-000006 - JVN iPedia - 脆弱性対策情報データベース
-
http://mora.jp/help/information?60
お知らせ・障害情報|音楽ダウンロード・音楽配信サイト mora ~WALKMAN®公式ミュージックストア~Patch;Vendor Advisory
Products affected by CVE-2012-5188
- cpe:2.3:a:labelgate:mora_downloader:*:*:*:*:*:*:*:*