CVE-2010-3155

Adobe ExtendScript Toolkit (ESTK) for CS5 3.5.0.52 is affected by an Untrusted Search Path vulnerability that enables DLL hijacking via a dwmapi.dll placed in the same folder as a .jsx file. The issue can allow local users, and possibly remote attackers, to execute arbitrary code. The root cause ...