CVE-2017-1000010Uncontrolled Search Path Element in Audacity

CWE-427Uncontrolled Search Path Element4 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.0%
top 22.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Audacityteam Audacity
Timeline
PublishedJul 17
Latest updateMay 13

Description

Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDaudacityteam/audacity2.1.22.3.2

🔴Vulnerability Details

2
GHSA
GHSA-hv4f-c38w-r52w: Audacity 22022-05-13
CVEList
CVE-2017-1000010: Audacity 22017-07-13

📋Vendor Advisories

1
Debian
CVE-2017-1000010: audacity - Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.d...2017
CVE-2017-1000010 — Uncontrolled Search Path Element | cvebase