ID CVE-2010-3129
Summary Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file. Per: http://cwe.mitre.org/data/definitions/426.html CWE-426 - 'Untrusted Search Path Vulnerability'
References
Vulnerable Configurations
  • cpe:2.3:a:utorrent:utorrent:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:1.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:1.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:utorrent:utorrent:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:utorrent:utorrent:2.0.3:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 19-09-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2010-10-25T04:00:20.553-04:00
class vulnerability
contributors
name SecPod Team
organization SecPod Technologies
definition_extensions
comment uTorrent is installed
oval oval:org.mitre.oval:def:7343
description Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.
family windows
id oval:org.mitre.oval:def:6887
status accepted
submitted 2010-09-13T10:27:44
title Untrusted search path vulnerability in uTorrent less than or equal to 2.0.3
version 4
refmap via4
exploit-db
  • 14726
  • 14748
secunia 41051
vupen ADV-2010-2164
Last major update 19-09-2017 - 01:31
Published 26-08-2010 - 18:36
Back to Top