Untrusted Search Path Vulnerability in Adobe Premiere Pro by Adobe
CVE-2010-3150

Currently unrated

Key Information:

Vendor: Adobe
Status: Premier Pro Cs4
Vendor: CVE Published:; 27 August 2010

Summary

The vulnerability in Adobe Premiere Pro CS4 allows an attacker to exploit a flaw in the search path used for dynamically linked libraries (DLLs). This weakness enables local users and potential remote attackers to execute arbitrary code on affected systems. The manipulation occurs when malicious libraries, specifically 'ibfs32.dll', are placed in the same directory as various project files, such as .pproj and .prproj. When these files are opened in Adobe Premiere Pro, the application may unintentionally load the compromised library, leading to unauthorized actions on the system.

References

http://www.exploit-db.com/exploits/14771/

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/2209

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/513336/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 27, 2010
Vulnerability Reserved
Aug 27, 2010