Vulnerabilities > CVE-2010-3125 - Unspecified vulnerability in Wolterskluwer Teammate Audit Management Software Suite 8.0

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

wolterskluwer

critical

exploit available

NVD

Published: 2010-08-26

Updated: 2010-08-26

Summary

Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Vulnerable Configurations

Part	Description	Count
Application	Wolterskluwer Wolterskluwer Teammate Audit Management Software Suite 8.0	1

Exploit-Db

description	TeamMate Audit Management Software Suite DLL Hijacking Exploit (mfc71enu.dll). CVE-2010-3125. Local exploit for windows platform
file	exploits/windows/local/14747.c
id	EDB-ID:14747
last seen	2016-02-01
modified	2010-08-25
platform	windows
port
published	2010-08-25
reporter	Beenu Arora
source	https://www.exploit-db.com/download/14747/
title	TeamMate Audit Management Software Suite DLL Hijacking Exploit mfc71enu.dll
type	local

References

http://www.exploit-db.com/exploits/14747