Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2010-3143

Published: 27/08/2010 Updated: 19/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows

Exploits

Exploit DB: Microsoft Windows - Contacts 'wab32res.dll' DLL Hijacking
/* Exploit Title: Microsoft Windows Contacts DLL Hijacking Exploit (wab32resdll) Date: August 25, 2010 Author: storm (storm@gonullyourselforg) Tested on: Windows Vista SP2 wwwgonullyourselforg/ gcc -shared -o wab32resdll Contacts-DLLc contact, group, p7c, vcf, and wab files are affected */ #include <windowsh> int ha ...
Exploit DB: Microsoft Windows 7 - 'wab32res.dll wab.exe' DLL Hijacking
/* Exploit Title: Microsoft Windows 7 wabexe DLL Hijacking Exploit (wab32resdll) Date: 24/08/2010 Author: TheLeader Email: gsog2009 [a7] hotmail [d0t] com Version: 617600 and prior Tested on: Windows 7 x86 (617600) There's a chance this one works with vista Instructions: Compile and rename to wab32resdll, create a file in the same dir wit ...
Exploit DB: Microsoft Address Book 6.00.2900.5512 - 'wab32res.dll' DLL Hijacking
/* # Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles, Dinesh Arora , Anirban , Dinesh Arora # Site : wwwbeenuaroracom Exploit Title: Microsoft Address Book DLL Hijacking Date: 25/08/2010 Author: Beenu Arora Tested on: Windows XP SP3 , Microsoft Address Book 60029005512 Vulnerable extensions: wab , p7c Compile and re ...

References

NVD-CWE-Otherhttp://www.exploit-db.com/exploits/14778/https://exchange.xforce.ibmcloud.com/vulnerabilities/64446https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7224https://nvd.nist.govhttps://www.exploit-db.com/exploits/14778/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook