CVE-2010-3128

Description

Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

Affected Software
References

Software	From	Fixed in
teamviewer / teamviewer	3.6.5523	3.6.5523.x
teamviewer / teamviewer	-	5.0.8703.x
teamviewer / teamviewer	4.1.8107	4.1.8107.x
teamviewer / teamviewer	1.85	1.85.x
teamviewer / teamviewer	2.44	2.44.x

http://secunia.com/advisories/41112
http://www.exploit-db.com/exploits/14734
http://www.securityfocus.com/archive/1/513317/100/0/threaded
http://www.vupen.com/english/advisories/2010/2174
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773

Severity: High

CVE: CVE-2010-3128
Published: Aug 26, 2010
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CVE-2010-3128

Description

Details

CVSS v2