CVE-2010-3128
Description
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or, if you've already worked around this in production, publish your fix to the community-verified tier.
Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
TeamViewer 5.0.8703 - 'dwmapi.dll' DLL Hijacking
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| teamviewer | teamviewer | up to and including 5.0.8703 | |
| teamviewer | teamviewer | 1.85 | |
| teamviewer | teamviewer | 2.44 | |
| teamviewer | teamviewer | 3.6.5523 | |
| teamviewer | teamviewer | 4.1.8107 | |
References
- http://secunia.com/advisories/41112
- http://www.exploit-db.com/exploits/14734
- http://www.securityfocus.com/archive/1/513317/100/0/threaded
- http://www.vupen.com/english/advisories/2010/2174
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773