Untrusted Search Path Vulnerability in Microsoft Remote Desktop Connection
CVE-2011-0029

Currently unrated

Key Information:

Vendor

Microsoft
Status
Remote Desktop Connection Client
Vendor
CVE Published:
9 March 2011

What is CVE-2011-0029?

The vulnerability affects various versions of Microsoft Remote Desktop Connection, allowing local users to exploit an untrusted search path. By placing a malicious DLL in the working directory, specifically alongside a .rdp file, an unauthorized user can execute the DLL with elevated privileges. This risk illustrates the importance of secure coding practices and validating executable paths to mitigate the threat posed by Trojan horses.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://osvdb.org/71014
vdb-entryx_refsource_OSVDB

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.