CVE-2011-5155 : Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows loc

Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of these details are obtained from third party information.

Published 2012-09-06 10:41:58

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2011-5155

Helpandmanual » Help & Manual » Version: 5.5.1
cpe:2.3:a:helpandmanual:help_\&_manual:5.5.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-5155

EPSS FAQ

0.31%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 51 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-5155

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.3	MEDIUM	AV:L/AC:M/Au:N/C:C/I:C/A:N	3.4	9.2	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: None

References for CVE-2011-5155

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5009.php

Zero Science Lab » Help & Manual Professional Edition 5.5.1 (ijl15.dll) DLL Hijacking Exploit
http://secunia.com/advisories/44170

Sign in
Vendor Advisory

Jump to

Vulnerability Details : CVE-2011-5155

Products affected by CVE-2011-5155

Exploit prediction scoring system (EPSS) score for CVE-2011-5155

CVSS scores for CVE-2011-5155

References for CVE-2011-5155