{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:34:10.618","vulnerabilities":[{"cve":{"id":"CVE-2011-0403","sourceIdentifier":"cve@mitre.org","published":"2011-01-11T03:00:05.483","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file."},{"lang":"es","value":"Una vulnerabilidad de ruta (path) de búsqueda no confiable en el archivo ImgBurn.exe en ImgBurn versiones 2.4.0.0, 2.5.4.0, y otras versiones, permite a los usuarios locales, y posiblemente atacantes remotos, ejecutar código arbitrario y conducir ataques de secuestro DLL por medio de una biblioteca dwmapi.dll de tipo caballo de Troya que se encuentra en la misma carpeta que un archivo CUE."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:1.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5F7A3FB9-291D-4220-932F-AE46237A0D90"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"BD036A5E-00F4-4F3F-9E6B-F5A3C1EDB227"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"238F0717-4289-4800-8583-620B22DB1095"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:1.3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"1679FBFE-043E-4FAD-8439-2C7E9956C441"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"46ECF18F-B3F9-40B2-8892-8189A272C5E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"892AEB60-FBC5-42D7-B54F-B89D5DC10308"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2B23D046-390E-48B0-9A61-6352AA8434FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F873CA52-7275-42B6-87D2-79E244AE789D"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.3.1.0:*:*:*:*:*:*:*","matchCriteriaId":"D090F6CA-23FD-4854-8092-58C392CFCFC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.3.2.0:*:*:*:*:*:*:*","matchCriteriaId":"3CB1AC59-86C8-4B21-82A9-96306BC940AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"D3460E3E-0FD1-4606-B64D-73F495614475"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.4.1.0:*:*:*:*:*:*:*","matchCriteriaId":"91B731AE-704C-4F67-ABFA-E2186821FF2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"3A1F8A5F-467F-4DAF-A429-9984D611C778"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"5E2EBF16-0292-4904-8996-A55580745E59"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E2731B2C-9DD7-4C0C-92B2-44B5DD165384"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.5.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5ACE56BB-B5AF-4BB7-B593-4451E95C299D"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.5.1.0:*:*:*:*:*:*:*","matchCriteriaId":"C55B4BAB-48BF-4093-985A-A791A6A31F27"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"8145B201-73DD-4CB6-AE7E-0683492733F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.5.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1A50E2DC-BA03-4F74-A7AC-8B75FB6F0B42"},{"vulnerable":true,"criteria":"cpe:2.3:a:imgburn:imgburn:2.5.4.0:*:*:*:*:*:*:*","matchCriteriaId":"78FE14FA-5C88-47B0-9797-E0F0BF8740A7"}]}]}],"references":[{"url":"http://osvdb.org/70273","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.org/files/view/97207/imgburn-dllhijack.txt","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/42798","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/45657","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64478","source":"cve@mitre.org"},{"url":"http://osvdb.org/70273","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://packetstormsecurity.org/files/view/97207/imgburn-dllhijack.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/42798","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/45657","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64478","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'"}}]}