LiveActive security incident?Get immediate response
CVE archive

August 2010

Browse CVE records published in August 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 471 matching CVEs · Page 5 of 10.

Unknown · CVSS Not scored

CVE-2010-3190: Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Stu...

Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability."

Published Aug 31, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3191: Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local...

Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .cptx file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Aug 31, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3150: Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local users, a...

Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as a .pproj, .prfpset, .prexport, .prm, .prmp, .prpreset, .prproj, .prsl, .prtl, or .vpr file.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3186: IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack f...

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in the WS-Security policy, which has unspecified impact and remote attack vectors.

Published Aug 30, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3153: Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesign CS5 7.0.2 and earlier, Adobe InDesi...

Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesign CS5 7.0.2 and earlier, Adobe InDesign Server CS5 7.0.2 and earlier, and Adobe InCopy CS5 7.0.2 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an .indl, .indp, .indt, or .inx file.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3152: Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly o...

Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or aires.dll that is located in the same folder as an .ait or .eps file.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3131: Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird be...

Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Windows XP allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .htm, .html, .jtx, .mfp, or .eml file.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3146: Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privi...

Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file, aka "Microsoft Groove Insecure Library Loading Vulnerability."

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3144: Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 an...

Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that contains an ISP or INS file, aka "Internet Connection Signup Wizard Insecure Library Loading Vulnerability."

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3137: Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local use...

Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3138: Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows lo...

Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3141: Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote at...

Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse pptimpconv.dll that is located in the same folder as a .odp, .pot, .potm, .potx, .ppa, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .pwz, .sldm, or .sldx file.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3133: Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local...

Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3129: Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote a...

Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3148: Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a...

Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability."

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3145: Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup M...

Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3127: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly rem...

Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3143: Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote a...

Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.

Published Aug 27, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3132: Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably othe...

Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver.

Published Aug 26, 2010 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-3147: Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows...

Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143.

Published Aug 27, 2010 · Updated Aug 7, 2024