CVE-2010-3141
Microsoft PowerPoint 2007 - 'rpawinet.dll' DLL Hijacking
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse pptimpconv.dll that is located in the same folder as a .odp, .pot, .potm, .potx, .ppa, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .pwz, .sldm, or .sldx file.
Una vulnerabilidad de ruta de búsqueda no confiable en Microsoft PowerPoint 2010 permite a los usuarios locales, y posiblemente a los atacantes remotos, ejecutar código arbitrario y conducir ataques de secuestro de DLL por medio de un troyano pptimpconv.dll que esta ubicado en la misma carpeta que un archivo .odp, .pot, .potm , .potx, .ppa, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .pwz, .sldm o .sldx.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-08-24 First Exploit
- 2010-08-27 CVE Reserved
- 2010-08-27 CVE Published
- 2024-07-15 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/14782 | 2010-08-25 | |
| https://www.exploit-db.com/exploits/14723 | 2010-08-24 | |
| http://www.exploit-db.com/exploits/14723 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Powerpoint Search vendor "Microsoft" for product "Powerpoint" | 2010 Search vendor "Microsoft" for product "Powerpoint" and version "2010" | - |
Affected
| ||||||