Lucene search
HistoryAug 26, 2010 - 6:36 p.m.
CVE-2010-3126
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
High
EPSS
0.011
Percentile
84.6%
Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as an avast license (.avastlic) file.
Affected configurations
Node
avastavast_antivirus_freeRange≤5.0.594
| Vendor | Product | Version | CPE |
|---|---|---|---|
| avast | avast_antivirus_free | * | cpe:2.3:a:avast:avast_antivirus_free:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2010-08-26 18:36:00
cvelist
cvelist
CVE-2010-3126
2010-08-26 18:00:00
kaspersky
kaspersky
KLA10413 ACE vulnerability in Avast! Free Antivirus
2010-08-26 00:00:00
openvas
openvas
exploitdb
exploitdb
Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking
2010-08-25 00:00:00
cve
cve
CVE-2010-3126
2010-08-26 18:36:35
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
High
EPSS
0.011
Percentile
84.6%
Related for NVD:CVE-2010-3126