Untrusted Search Path Vulnerability in Adobe Dreamweaver CS5
CVE-2010-3132

Currently unrated

Key Information:

Vendor: Adobe
Status: Dreamweaver
Vendor: CVE Published:; 26 August 2010

Summary

An untrusted search path vulnerability exists in Adobe Dreamweaver CS5 that allows local users, or potentially remote attackers, to exploit the application. By placing a Trojan horse DLL, such as 'mfc90loc.dll' or 'dwmapi.dll', in the same directory as certain scripts (CSS, PHP, ASP), the application may unintentionally execute this malicious code. This vulnerability poses significant risks, including unauthorized access and control of the affected system.

References

http://www.vupen.com/english/advisories/2010/2171

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/41110

third-party-advisoryx_refsource_SECUNIA

http://www.exploit-db.com/exploits/14740

exploitx_refsource_EXPLOIT-DB

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 26, 2010
Vulnerability Reserved
Aug 26, 2010