CVE-2010-3129

Description

Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.

PUBLISHED Reserved 2010-08-26 | Published 2010-08-26 | Updated 2024-08-07 | Assigner mitre

References

www.vupen.com/english/advisories/2010/2164 (ADV-2010-2164) vdb-entry

secunia.com/advisories/41051 (41051) third-party-advisory

www.exploit-db.com/exploits/14748 (14748) exploit

oval.cisecurity.org/...finition/oval:org.mitre.oval:def:6887 (oval:org.mitre.oval:def:6887) vdb-entry signature

www.exploit-db.com/exploits/14726 (14726) exploit

www.vupen.com/english/advisories/2010/2164 (ADV-2010-2164) vdb-entry

secunia.com/advisories/41051 (41051) third-party-advisory

www.exploit-db.com/exploits/14748 (14748) exploit

oval.cisecurity.org/...finition/oval:org.mitre.oval:def:6887 (oval:org.mitre.oval:def:6887) vdb-entry signature

www.exploit-db.com/exploits/14726 (14726) exploit

cve.org (CVE-2010-3129)

nvd.nist.gov (CVE-2010-3129)

Download JSON