CVE-2010-3914
Published Nov 3, 2010
Last updated 14 years ago
Overview
- Description
- Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
- Impact
- http://www.kb.cert.org/vuls/id/707943
- Solution
- http://www.kb.cert.org/vuls/id/707943
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vim:gvim:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "725EE2B7-96C9-4972-8A7E-E69093F95B2E",
"versionEndIncluding": "7.3.033"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BF03D66-FE40-44F2-A3DD-C5B87836DDDC"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C08D893-042C-4ED1-86B6-1B8FE2E1D213"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AD47983-31F2-43D6-99C2-F69D121AD2FD"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.04:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3E69659-8C99-4448-B103-81A5F435DE23"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E16D1B11-4CF5-4A9E-B022-B19D1C31DCC4"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.06:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "857EC47A-BE90-4A8C-9A06-637FCE871713"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D5AAB0D-8334-425A-8321-89B0D0AFBFB3"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.08:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D4E37D8-3AAA-4135-AD35-0446BB9C1EB2"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "841B6A12-C5D9-4836-8CC3-6E66ABA43C63"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.010:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CD69DCE-85A8-425F-9ADB-C6A09E520549"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.011:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F182D6F9-0533-4AA5-8F8D-EC8929350DAF"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.012:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA59E723-8B3D-40D9-81EF-21091ECA747B"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.013:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "236381E0-D186-4A28-A696-CE35A03E3616"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.014:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51C542A6-F194-46E4-B943-678590C199CC"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.015:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECA565AB-B9A8-49CD-8553-DFB7450A32FB"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.016:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC2E6CC8-FA17-4FE3-ADBB-4E84555B6FBC"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.017:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A0F0E45-E428-4FD1-9FB0-2B0DCEAF9FC3"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.018:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FCF5A56-DB53-4B6F-ACB8-D5D48C0E4BEE"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.019:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A614F92-9EC0-4AFB-B5C8-193A9D471057"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.020:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8E6D309-1985-4F3F-A25F-575E158BFC51"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53F7B164-4563-45EF-B9AF-577AE303FAA3"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.022:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EE86FA1-7D5A-4DA0-8995-3B65E1B2EFF5"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.023:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E80404AC-32BB-466A-9A7C-BEE4E4879C5C"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.024:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E10A79CE-DC4F-4E37-992F-54F8ABD8A51E"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.025:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDC5DE3D-4F80-43E2-A866-FEBECE405A30"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.026:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "093FB356-0246-4DDF-AADD-0FCDA1CA1C1B"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.027:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "597AAEEB-1F5C-45E6-83EC-E80937B390FA"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.028:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE277E41-16EF-4B9A-BEC5-8A98376E91AD"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.029:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F32C2454-8A07-451C-AA14-C7513458B349"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.030:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5D381F5-42C9-484F-BC2A-534F40A5E921"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.031:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C16BC269-A435-4C9D-86C8-6F53C7FF1341"
},
{
"criteria": "cpe:2.3:a:vim:gvim:7.3.032:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8245FA83-9DDD-48CC-B455-AB6673253D21"
}
],
"operator": "OR"
}
]
}
]