Lucene search

K
cve[email protected]CVE-2010-3126
HistoryAug 26, 2010 - 6:36 p.m.

CVE-2010-3126

2010-08-2618:36:35
web.nvd.nist.gov
22
cve-2010-3126
vulnerability
avast free antivirus
arbitrary code execution
dll hijacking
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as an avast license (.avastlic) file.

Affected configurations

NVD
Node
avastavast_antivirus_freeRange5.0.594

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

Related for CVE-2010-3126