Vulnerabilities > CVE-2010-3132 - Unspecified vulnerability in Adobe Dreamweaver 11.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN adobe
exploit available
Summary
Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Adobe Dreamweaver CS5. CVE-2010-3132. Local exploit for windows platform file exploits/windows/local/14740.c id EDB-ID:14740 last seen 2016-02-01 modified 2010-08-25 platform windows port published 2010-08-25 reporter diwr source https://www.exploit-db.com/download/14740/ title Adobe Dreamweaver CS5 <= 11.0 build 4909 - DLL Hijacking Exploit mfc90loc.dll type local description Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll). CVE-2010-3132. Local exploit for windows platform id EDB-ID:14735 last seen 2016-02-01 modified 2010-08-24 published 2010-08-24 reporter Glafkos Charalambous source https://www.exploit-db.com/download/14735/ title Adobe Dreamweaver CS4 DLL Hijacking Exploit ibfs32.dll
Oval
| accepted | 2011-04-25T04:00:07.810-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| definition_extensions |
| ||||
| description | Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver. | ||||
| family | windows | ||||
| id | oval:org.mitre.oval:def:12035 | ||||
| status | accepted | ||||
| submitted | 2011-03-18T17:36:13 | ||||
| title | Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and other versions | ||||
| version | 4 |
References
- http://secunia.com/advisories/41110
- http://secunia.com/advisories/41110
- http://www.exploit-db.com/exploits/14740
- http://www.exploit-db.com/exploits/14740
- http://www.vupen.com/english/advisories/2010/2171
- http://www.vupen.com/english/advisories/2010/2171
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12035
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12035