cve/CVE-2010-3138.md at eb8fb22b51df9332dc1ec68d0bcaedfdbefed8cd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.

POC

Reference

http://www.exploit-db.com/exploits/14765
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4956.php
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-014

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/nitishbadole/oscp-note-2
https://github.com/rmsbpro/rmsbpro

1.1 KiB Raw Blame History

CVE-2010-3138

Description

POC

Reference

Github

1.1 KiB

Raw Blame History