CVE-2019-6534

High

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2…

icscert·CWE-427·Published 2019-04-11

CVSS

7.8

EPSS

0.02

KEV

Exploits

cve.orgen

195 chars

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.

NVDen

195 chars

The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.

La vulnerabilidad del elemento path de búsqueda no controlada en la librería ux32w.dll de Gemalto Sentinel UltraPro Client, versiones 1.3.0, 1.3.1 y 1.3.2 permite a un atacante cargar y ejecutar un archivo malicioso.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H