CVE

Id
45721  
CVE No.
CVE-2010-3137  
Status
Candidate  
Description
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.  
Phase
Assigned (20100826)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
497752 45721 CVE-2010-3137 EXPLOIT-DB:14789  View
497753 45721 CVE-2010-3137 URL:http://www.exploit-db.com/exploits/14789  View
497754 45721 CVE-2010-3137 MISC:http://www.cs.ucdavis.edu/research/tech-reports/2010/CSE-2010-2.pdf  View
497755 45721 CVE-2010-3137 OVAL:oval:org.mitre.oval:def:6874  View
497756 45721 CVE-2010-3137 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6874  View
497757 45721 CVE-2010-3137 SECUNIA:41093  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
39225 JVNDB-2010-005010 Microsoft PowerPoint 2010 における DLL ハイジャック攻撃を実行される脆弱性 Microsoft PowerPoint 2010 には、検索パスに関する処理に不備があるため、任意のコード実行される、および DLL ハイジャック攻撃を実行される脆弱性が存在します。 CVE-2010-3141 45721 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005010.html  View