Lucene search

MitreCVE-2010-3132

HistoryAug 26, 2010 - 6:36 p.m.

CVE-2010-3132

2010-08-2618:36:35

mitre

web.nvd.nist.gov

adobe

dreamweaver

cs5

vulnerability

code execution

dll hijacking

nvd

cve-2010-3132

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver.

Affected configurations

Nvd

Node

adobedreamweaverMatch11.0

VendorProductVersionCPE
adobedreamweaver11.0cpe:2.3:a:adobe:dreamweaver:11.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	dreamweaver	11.0	cpe:2.3:a:adobe:dreamweaver:11.0:::::::*

References

secunia.com/advisories/41110

www.exploit-db.com/exploits/14740

www.vupen.com/english/advisories/2010/2171

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12035

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

Related for CVE-2010-3132