9.3

CVE-2010-3129

Exploit
Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
UtorrentUtorrent Version1.1.1
UtorrentUtorrent Version1.1.3
UtorrentUtorrent Version1.1.4
UtorrentUtorrent Version1.1.5
UtorrentUtorrent Version1.1.6
UtorrentUtorrent Version1.1.7
UtorrentUtorrent Version1.2
UtorrentUtorrent Version1.2.1
UtorrentUtorrent Version1.2.2
UtorrentUtorrent Version1.7
UtorrentUtorrent Version1.7.1
UtorrentUtorrent Version1.7.2
UtorrentUtorrent Version1.7.4
UtorrentUtorrent Version1.7.5
UtorrentUtorrent Version1.7.6
UtorrentUtorrent Version1.8
UtorrentUtorrent Version1.8.1
UtorrentUtorrent Version1.8.1 Updaterc1
UtorrentUtorrent Version1.8.2
UtorrentUtorrent Version1.8.3
UtorrentUtorrent Version1.8.4
UtorrentUtorrent Version1.8.5
UtorrentUtorrent Version2.0
UtorrentUtorrent Version2.0.1
UtorrentUtorrent Version2.0.2
UtorrentUtorrent Version2.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.26% 0.935
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/41051
Vendor Advisory
http://www.exploit-db.com/exploits/14726
Exploit
http://www.exploit-db.com/exploits/14748
http://www.vupen.com/english/advisories/2010/2164
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6887