Vulnerabilities > CVE-2010-3139 - Unspecified vulnerability in Microsoft Windows
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Exploit-Db
| description | Microsoft Group Convertor DLL Hijacking Exploit (imm.dll). CVE-2010-3139. Local exploit for windows platform |
| file | exploits/windows/local/14758.c |
| id | EDB-ID:14758 |
| last seen | 2016-02-01 |
| modified | 2010-08-25 |
| platform | windows |
| port | |
| published | 2010-08-25 |
| reporter | Beenu Arora |
| source | https://www.exploit-db.com/download/14758/ |
| title | Microsoft Group Convertor DLL Hijacking Exploit imm.dll |
| type | local |
Oval
| accepted | 2011-05-09T04:00:27.181-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file. | ||||||||||||||||||||
| family | windows | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:12209 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-10-22T16:52:53 | ||||||||||||||||||||
| title | Untrusted search path vulnerability in Microsoft Windows Progman Group Converter | ||||||||||||||||||||
| version | 73 |