CVE-2010-3146
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file, aka "Microsoft Groove Insecure Library Loading Vulnerability."
Múltiples vulnerabilidades de ruta (path) de búsqueda no confiables en Groove 2007 versión SP2, de Microsoft, permiten a los usuarios locales alcanzar privilegios por medio de los archivos de tipo caballo de Troya (1) mso.dll o (2) GroovePerfmon.dll en el directorio de trabajo actual, como es demostrado por un directorio que contiene una Groove vCard (.vcg) o archivo Groove Tool Archive (.gta), también se conoce como "Microsoft Groove Insecure Library Loading Vulnerability."
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-08-25 First Exploit
- 2010-08-27 CVE Reserved
- 2010-08-27 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.us-cert.gov/cas/techalerts/TA11-067A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12632 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/14746 | 2010-08-25 | |
| http://www.exploit-db.com/exploits/14746 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/2188 | 2018-10-12 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-016 | 2018-10-12 |