Vulnerabilities > CVE-2010-3129 - Unspecified vulnerability in Utorrent

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
utorrent
exploit available
NVD
Published: 2010-08-26
Updated: 2017-09-19

Summary

Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.

Vulnerable Configurations

Part Description Count
Application
Utorrent
26

Exploit-Db

  • descriptionuTorrent DLL Hijacking Vulnerabilities. Local exploit for windows platform
    fileexploits/windows/local/14748.txt
    idEDB-ID:14748
    last seen2016-02-01
    modified2010-08-25
    platformwindows
    port
    published2010-08-25
    reporterDr_IDE
    sourcehttps://www.exploit-db.com/download/14748/
    titleuTorrent - DLL Hijacking Vulnerabilities
    typelocal
  • descriptionuTorrent <= 2.0.3 DLL Hijacking Exploit (plugin_dll.dll). CVE-2010-3129. Local exploit for windows platform
    fileexploits/windows/local/14726.c
    idEDB-ID:14726
    last seen2016-02-01
    modified2010-08-24
    platformwindows
    port
    published2010-08-24
    reporterTheLeader
    sourcehttps://www.exploit-db.com/download/14726/
    titleuTorrent <= 2.0.3 DLL Hijacking Exploit plugin_dll.dll
    typelocal

Oval

accepted2010-10-25T04:00:20.553-04:00
classvulnerability
contributors
nameSecPod Team
organizationSecPod Technologies
definition_extensions
commentuTorrent is installed
ovaloval:org.mitre.oval:def:7343
descriptionUntrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.
familywindows
idoval:org.mitre.oval:def:6887
statusaccepted
submitted2010-09-13T10:27:44
titleUntrusted search path vulnerability in uTorrent less than or equal to 2.0.3
version4

References