CVE

Id
45727  
CVE No.
CVE-2010-3143  
Status
Candidate  
Description
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.  
Phase
Assigned (20100827)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
497790 45727 CVE-2010-3143 EXPLOIT-DB:14778  View
497791 45727 CVE-2010-3143 URL:http://www.exploit-db.com/exploits/14778/  View
497792 45727 CVE-2010-3143 OVAL:oval:org.mitre.oval:def:7224  View
497793 45727 CVE-2010-3143 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7224  View
497794 45727 CVE-2010-3143 XF:ms-win-dll-code-exec(64446)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
36847 JVNDB-2010-002627 Windows Address Book の wab.exe における権限昇格の脆弱性 Windows Address Book の wab.exe には、権限を取得される脆弱性が存在します。 CVE-2010-3147 45727 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002627.html  View