VYPR
Medium severity6.7NVD Advisory· Published Apr 11, 2017· Updated Jun 17, 2026

CVE-2017-5873

CVE-2017-5873

Description

Unquoted Windows search path vulnerability in the guest service in Unisys s-Par before 4.4.20 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Affected products

3
  • cpe:2.3:a:unisys:secure_partitioning:4.3.403:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:unisys:secure_partitioning:4.3.403:*:*:*:*:*:*:*
    • cpe:2.3:a:unisys:secure_partitioning:4.4.19:*:*:*:*:*:*:*
  • Unisys/s-Parllm-fuzzy
    Range: <4.4.20

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.