Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3199
HistorySep 10, 2010 - 8:00 p.m.

CVE-2010-3199

2010-09-1020:00:00
CWE-264
[email protected]
web.nvd.nist.gov
20
cve-2010-3199
untrusted search path
tortoisesvn
vulnerability
dll hijacking
dwmapi.dll
nvd
remote code execution

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.8%

JSON

Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default.

Related

securityvulns 2
prion 1
openvas 2
securityvulns
securityvulns
Tortoise SVN DLL Hijacking Vulnerability
2010-09-02 00:00:00
Microsoft Windows multiple applications DLL hijacking
2011-12-19 00:00:00
prion
prion
Design/Logic Flaw
2010-09-10 20:00:00
openvas
openvas
TortoiseSVN Insecure Library Loading Vulnerability
2010-09-21 00:00:00
TortoiseSVN Insecure Library Loading Vulnerability
2010-09-21 00:00:00

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.8%

JSON
Related for CVE-2010-3199
securityvulns2prion1openvas2