CVE-2024-10093

HIGH

VSO ConvertXtoDvd 7.0.0.83 - Uncontrolled Search Path

Title source: llm

Description

A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (3)

Scores

CVSS v3 7.8
EPSS 0.0011
EPSS Percentile 29.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (1)

vso-software/convertxtodvd

Timeline

Published Oct 17, 2024
Tracked Since Feb 18, 2026