ID CVE-2010-3143
Summary Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
References
Vulnerable Configurations
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 9.3 (as of 30-08-2010 - 09:53)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description Microsoft Address Book 6.00.2900.5512 DLL Hijacking Exploit (wab32res.dll). CVE-2010-3143,CVE-2010-3147. Local exploit for windows platform
    file exploits/windows/local/14745.c
    id EDB-ID:14745
    last seen 2016-02-01
    modified 2010-08-25
    platform windows
    port
    published 2010-08-25
    reporter Beenu Arora
    source https://www.exploit-db.com/download/14745/
    title Microsoft Address Book 6.00.2900.5512 DLL Hijacking Exploit wab32res.dll
    type local
  • description Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll). CVE-2010-3143,CVE-2010-3147. Local exploit for windows platform
    file exploits/windows/local/14778.c
    id EDB-ID:14778
    last seen 2016-02-01
    modified 2010-08-25
    platform windows
    port
    published 2010-08-25
    reporter storm
    source https://www.exploit-db.com/download/14778/
    title Microsoft Windows Contacts DLL Hijacking Exploit wab32res.dll
    type local
  • description Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll). CVE-2010-3143,CVE-2010-3147. Local exploit for windows platform
    id EDB-ID:14733
    last seen 2016-02-01
    modified 2010-08-24
    published 2010-08-24
    reporter TheLeader
    source https://www.exploit-db.com/download/14733/
    title Microsoft Windows 7 - wab.exe DLL Hijacking Exploit wab32res.dll
oval via4
accepted 2014-06-30T04:11:24.240-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Josh Turpin
    organization Symantec Corporation
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows Vista is installed
    oval oval:org.mitre.oval:def:228
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows 7 x64 Edition is installed
    oval oval:org.mitre.oval:def:5950
  • comment Microsoft Windows 7 (32-bit) is installed
    oval oval:org.mitre.oval:def:6165
description Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
family windows
id oval:org.mitre.oval:def:7224
status accepted
submitted 2010-10-13T15:19:01
title Untrusted search path vulnerability in Microsoft Windows Contacts via a Trojan horse wab32res.dll
version 26
refmap via4
exploit-db 14778
xf ms-win-dll-code-exec(64446)
Last major update 07-06-2013 - 22:55
Published 27-08-2010 - 15:00
Last modified 18-09-2017 - 21:31
Back to Top