Vulnerabilities > CVE-2010-3134 - Unspecified vulnerability in Google Earth 5.1.3535.3218
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file. Per: http://cwe.mitre.org/data/definitions/426.html CWE-426 - 'Untrusted Search Path Vulnerability'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Google Earth v5.1.3535.3218 DLL Hijacking Exploit (quserex.dll). CVE-2010-3134. Local exploit for windows platform |
file | exploits/windows/local/14790.c |
id | EDB-ID:14790 |
last seen | 2016-02-01 |
modified | 2010-08-25 |
platform | windows |
port | |
published | 2010-08-25 |
reporter | LiquidWorm |
source | https://www.exploit-db.com/download/14790/ |
title | Google Earth 5.1.3535.3218 - DLL Hijacking Exploit quserex.dll |
type | local |
Oval
accepted | 2014-04-07T04:06:57.343-04:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
definition_extensions |
| ||||||||||||
description | Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file. | ||||||||||||
family | windows | ||||||||||||
id | oval:org.mitre.oval:def:7553 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2010-09-17T05:48:31 | ||||||||||||
title | Untrusted search path vulnerability in Google Earth version 5.1.3535.3218 | ||||||||||||
version | 8 |