ID CVE-2010-3139
Summary Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file.
References
Vulnerable Configurations
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 9.3 (as of 30-08-2010 - 09:17)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description Microsoft Group Convertor DLL Hijacking Exploit (imm.dll). CVE-2010-3139. Local exploit for windows platform
file exploits/windows/local/14758.c
id EDB-ID:14758
last seen 2016-02-01
modified 2010-08-25
platform windows
port
published 2010-08-25
reporter Beenu Arora
source https://www.exploit-db.com/download/14758/
title Microsoft Group Convertor DLL Hijacking Exploit imm.dll
type local
oval via4
accepted 2011-05-09T04:00:27.181-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
  • comment Microsoft Windows XP (x86) SP3 is installed
    oval oval:org.mitre.oval:def:5631
  • comment Microsoft Windows XP (x86) SP2 is installed
    oval oval:org.mitre.oval:def:754
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
description Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file.
family windows
id oval:org.mitre.oval:def:12209
status accepted
submitted 2010-10-22T16:52:53
title Untrusted search path vulnerability in Microsoft Windows Progman Group Converter
version 70
refmap via4
exploit-db 14758
osvdb 67535
secunia 41136
vupen ADV-2010-2200
Last major update 18-07-2011 - 22:39
Published 27-08-2010 - 15:00
Last modified 18-09-2017 - 21:31
Back to Top