Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2010-3397

Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tsp.dll or tvttsp.dll that is located in the same folder as a .p12, .pem, .pgp, .prk, .prvkr, .pubkr, .rnd, or .skr file.

  • Published: Sep 15, 2010
  • Updated: Apr 13, 2023
  • CVE: CVE-2010-3397
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
pgp / desktop 9.9.0 9.9.0.x
pgp / desktop 10.0.0 10.0.0.x
pgp / desktop 9.10.0 9.10.0.x