exploitDog

CVE-2010-3337

Опубликовано: 10 нояб. 2010

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142.

Комментарий

Per: http://www.microsoft.com/technet/security/Bulletin/MS10-087.mspx

'FAQ for Insecure Library Loading Vulnerability - CVE-2010-3337: This is a remote code execution vulnerability.'

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2010:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.46382

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-334f-5c7w-6p82

github

больше 3 лет назад

Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142.

EPSS

Процентиль: 98%

0.46382

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other