Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3914

Опубликовано: 03 нояб. 2010
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Комментарий

Per: http://cwe.mitre.org/data/definitions/426.html

'CWE-426: Untrusted Search Path'

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vim:gvim:*:*:*:*:*:*:*:*
Версия до 7.3.033 (включая)
cpe:2.3:a:vim:gvim:7.3.01:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.02:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.03:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.04:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.05:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.06:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.07:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.08:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.09:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.010:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.011:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.012:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.013:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.014:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.015:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.016:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.017:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.018:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.019:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.020:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.021:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.022:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.023:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.024:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.025:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.026:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.027:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.028:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.029:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.030:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.031:*:*:*:*:*:*:*
cpe:2.3:a:vim:gvim:7.3.032:*:*:*:*:*:*:*

EPSS

Процентиль: 87%
0.03543
Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2010-3914

ubuntu
больше 15 лет назад

Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

debian логотип

CVE-2010-3914

debian
больше 15 лет назад

Untrusted search path vulnerability in VIM Development Group GVim befo ...

github логотип

GHSA-v5pg-9f9w-5m2q

github
больше 3 лет назад

Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 87%
0.03543
Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other