Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2011-3396
HistoryDec 14, 2011 - 12:55 a.m.

CVE-2011-3396

2011-12-1400:55:01
microsoft
web.nvd.nist.gov
35
microsoft
powerpoint
2007
2010
untrusted search path
vulnerability
local users
privileges
trojan horse dll

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.889

Percentile

98.8%

JSON

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka β€œPowerPoint Insecure Library Loading Vulnerability.”

Affected configurations

Nvd
Node
microsoftpowerpointMatch2007sp2
OR
microsoftpowerpointMatch2010x32
OR
microsoftpowerpointMatch2010x64
VendorProductVersionCPE
microsoftpowerpoint2007cpe:2.3:a:microsoft:powerpoint:2007:sp2:*:*:*:*:*:*
microsoftpowerpoint2010cpe:2.3:a:microsoft:powerpoint:2010:*:x32:*:*:*:*:*
microsoftpowerpoint2010cpe:2.3:a:microsoft:powerpoint:2010:*:x64:*:*:*:*:*

Related

seebug 1
cvelist 1
symantec 1
checkpoint_advisories 1
prion 1
nvd 1
nessus 1
openvas 2
securityvulns 1
seebug
seebug
Microsoft PowerPoint DLLεŠ θ½½θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž(MS11-094)
2011-12-15 00:00:00
cvelist
cvelist
CVE-2011-3396
2011-12-14 00:00:00
symantec
symantec
Microsoft PowerPoint CVE-2011-3396 DLL Loading Arbitrary Code Execution Vulnerability
2011-12-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft PowerPoint Insecure Library Loading (MS11-094; CVE-2011-3396)
2011-12-13 00:00:00
prion
prion
Design/Logic Flaw
2011-12-14 00:55:00
nvd
nvd
CVE-2011-3396
2011-12-14 00:55:01
nessus
nessus
MS11-094: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
2011-12-13 00:00:00
openvas
openvas
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)
2011-12-14 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)
2011-12-14 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2011-12-15 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.889

Percentile

98.8%

JSON
Related for CVE-2011-3396
seebug1cvelist1symantec1checkpoint_advisories1prion1nvd1nessus1openvas2securityvulns1