Unrated severityNVD Advisory· Published Sep 6, 2012· Updated Apr 29, 2026

CVE-2010-5196

Description

Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information.

Affected products

Keepass/Password Safe2 versions
cpe:2.3:a:keepass:password_safe:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:keepass:password_safe:*:*:*:*:*:*:*:*range: <=2.10
- cpe:2.3:a:keepass:password_safe:1.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/41167nvdVendor Advisory
www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/nvd
www.keepass.info/news/n100906_2.13.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000