Lucene search

[email protected]CVE-2010-3151

HistoryAug 27, 2010 - 7:00 p.m.

CVE-2010-3151

2010-08-2719:00:18

[email protected]

web.nvd.nist.gov

cve-2010-3151

adobe on location cs4

vulnerability

dll hijacking

security

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.9%

JSON

Untrusted search path vulnerability in Adobe On Location CS4 Build 315 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an OLPROJ file.

Affected configurations

NVD

Node

adobeonlocation_cs4Match4.0.1

adobeonlocation_cs4Match4.0.2

adobeonlocation_cs4Match4.0.3

AND

adobepremiere_pro_cs4Match4.0.1

adobepremiere_pro_cs4Match4.1.0

adobepremiere_pro_cs4Match4.2.0

adobepremiere_pro_cs4Match4.2.1

CPENameOperatorVersion
adobe:onlocation_cs4adobe onlocation cs4eq4.0.1
adobe:onlocation_cs4adobe onlocation cs4eq4.0.2
adobe:onlocation_cs4adobe onlocation cs4eq4.0.3

CPE	Name	Operator	Version
adobe:onlocation_cs4	adobe onlocation cs4	eq	4.0.1
adobe:onlocation_cs4	adobe onlocation cs4	eq	4.0.2
adobe:onlocation_cs4	adobe onlocation cs4	eq	4.0.3

References

www.exploit-db.com/exploits/14772/

www.securityfocus.com/archive/1/513332/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/64445

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.9%

JSON

Related for CVE-2010-3151

openvas2 nvd1 cvelist1 prion1