Untrusted Search Path Vulnerability in Microsoft Remote Desktop Connection
CVE-2011-0029

7.4HIGH

Key Information:

Vendor

Microsoft
Status
Remote Desktop Connection Client
Vendor
CVE Published:
9 March 2011

What is CVE-2011-0029?

The vulnerability affects various versions of Microsoft Remote Desktop Connection, allowing local users to exploit an untrusted search path. By placing a malicious DLL in the working directory, specifically alongside a .rdp file, an unauthorized user can execute the DLL with elevated privileges. This risk illustrates the importance of secure coding practices and validating executable paths to mitigate the threat posed by Trojan horses.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://osvdb.org/71014
vdb-entryx_refsource_OSVDB

EPSS Score

34% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.