CVE-2010-3150 - Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local u

CVE-2010-3150

Summary

Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as a .pproj, .prfpset, .prexport, .prm, .prmp, .prpreset, .prproj, .prsl, .prtl, or .vpr file.

References

Vulnerable Configurations

cpe:2.3:a:adobe:premier_pro_cs4:4.0.0_\(314\(mc\:_160820\)\):*:*:*:*:*:*:*
cpe:2.3:a:adobe:premier_pro_cs4:4.0.0_\(314\(mc\:_160820\)\):*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 10-10-2018 - 20:01)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20100825 Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)
exploit-db	14771
vupen	ADV-2010-2209

Last major update

10-10-2018 - 20:01

Published

27-08-2010 - 19:00

Last modified

10-10-2018 - 20:01