Published: 27/08/2010 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 940

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft powerpoint 2007

/* Exploit Title: Microsoft Office PowerPoint 2007 DLL Hijacking Exploit (rpawinetdll) Date: August 25, 2010 Author: storm (storm@gonullyourselforg) Version: 2007 (12065355002) SP2 Tested on: Windows Vista SP2 wwwgonullyourselforg/ gcc -shared -o rpawinetdll PowerPoint-DLLc odp, pothtml, potm, potx, ppa, ppam, pps, ppt, ...

/* Exploit Title: Microsoft PowerPoint 2010 DLL Hijacking Exploit (pptimpconvdll) Date: 24/08/2010 Author: TheLeader Email: gsog2009 [a7] hotmail [d0t] com Software Link: officemicrosoftcom/en-us/powerpoint/ Version: 14047601000 Tested on: Windows 7 x86 (617600) Compile and rename to pptimpconvdll, create a file in the same dir wit ...

NVD-CWE-Other http://www.exploit-db.com/exploits/14782/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12219 https://nvd.nist.gov https://www.exploit-db.com/exploits/14782/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3142

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect