Untrusted Search Path Vulnerability in Microsoft Windows Movie Maker
CVE-2010-3967

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows Movie Maker
Vendor
CVE Published:
16 December 2010

Summary

The untrusted search path vulnerability in Microsoft Windows Movie Maker 2.6 allows local users to execute Trojan horse DLLs located within the current working directory. This can lead to unauthorized privilege escalation when a crafted Movie Maker project file (MSWMM) is accessed, enabling an attacker to execute malicious code. Users should ensure that they handle files securely and implement proper security measures to prevent exploitation of this vulnerability.

References

http://www.us-cert.gov/cas/techalerts/TA10-348A.html
third-party-advisoryx_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/42607
third-party-advisoryx_refsource_SECUNIA

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2010-3967 : Untrusted Search Path Vulnerability in Microsoft Windows Movie Maker | SecurityVulnerability.io