CVE-2011-0029

Currently unrated

Key Information:

Vendor: Microsoft
Status: Remote Desktop Connection Client
Vendor: CVE Published:; 9 March 2011

Summary

Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://osvdb.org/71014

vdb-entryx_refsource_OSVDB

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 9, 2011
Vulnerability Reserved
Dec 10, 2010

Collectors

NVD DatabaseMitre Database