Vulnerabilities > CVE-2010-3191 - Unspecified vulnerability in Adobe Captivate 5.0.0.596

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
adobe
critical
NVD
Published: 2010-08-31
Updated: 2017-09-19

Summary

Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .cptx file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Per: http://cwe.mitre.org/data/definitions/426.html CWE-426: Untrusted Search Path

Vulnerable Configurations

Part Description Count
Application
Adobe
1

Oval

accepted2011-01-03T04:00:33.086-05:00
classvulnerability
contributors
nameSecPod Team
organizationSecPod Technologies
definition_extensions
commentAdobe Captivate is installed
ovaloval:org.mitre.oval:def:6982
descriptionUntrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .cptx file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
familywindows
idoval:org.mitre.oval:def:7470
statusaccepted
submitted2010-10-13T05:18:13
titleUntrusted search path vulnerability in Adobe Captivate version 5.0.0.596 via a Trojan horse dwmapi.dll
version4

References