exploitDog

CVE-2010-3142

Опубликовано: 27 авг. 2010

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.

Комментарий

Per: http://cwe.mitre.org/data/definitions/426.html

'CWE-426 - 'Untrusted Search Path Vulnerability'

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:powerpoint:2007:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10332

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p74q-fwcr-f7m7

github

больше 3 лет назад

Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.

EPSS

Процентиль: 93%

0.10332

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other