Untrusted Search Path Vulnerability in TeamViewer by TeamViewer GmbH
CVE-2010-3128

Currently unrated

Key Information:

Vendor: Teamviewer
Status: Teamviewer
Vendor: CVE Published:; 26 August 2010

What is CVE-2010-3128?

The identified vulnerability in TeamViewer versions up to 5.0.8703 allows local users and potentially remote attackers to leverage a DLL hijacking attack. Specifically, if a Trojan horse dwmapi.dll is placed within the same directory as a .tvs or .tvc file, this could facilitate the execution of arbitrary code. This untrusted search path flaw underscores the importance of securing application folders and validating the integrity of DLLs used by applications.

References

http://secunia.com/advisories/41112

third-party-advisoryx_refsource_SECUNIA

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.exploit-db.com/exploits/14734

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2010
Vulnerability Reserved
Aug 26, 2010

Teamviewer

What is CVE-2010-3128?

References

Timeline