Published: 27/08/2010 Updated: 10/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesign CS5 7.0.2 and previous versions, Adobe InDesign Server CS5 7.0.2 and previous versions, and Adobe InCopy CS5 7.0.2 and previous versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an .indl, .indp, .indt, or .inx file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe indesign cs4 6.0

/* Exploit Title: Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32dll) Date: August 25, 2010 Author: Glafkos Charalambous (glafkos[@]astalavista[dot]com) Version: CS4 v60 Tested on: Windows 7 x64 Ultimate Vulnerable extensions: indl indp indt inx Greetz: Astalavista, OffSEC, Exploit-DB */ #include <windowsh> BOOL WINAPI DllMain ( ...

NVD-CWE-Other http://www.exploit-db.com/exploits/14775/http://secunia.com/advisories/41126 http://www.securitytracker.com/id?1024612 http://www.adobe.com/support/security/bulletins/apsb10-24.html http://www.securityfocus.com/archive/1/513340/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/14775/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3153

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect