CVE-2010-3124

{"id": "CVE-2010-3124", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-08-26T18:36:35.530", "references": [{"url": "http://git.videolan.org/?p=vlc/vlc-1.1.git%3Ba=blobdiff%3Bf=bin/winvlc.c%3Bh=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf%3Bhp=2d09cba320e3b0def7069ce1ebab25d1340161c5%3Bhb=43a31df56c37bd62c691cdbe3c1f11babd164b56%3Bhpb=2d366da738b19f8d761d7084746c6db6f52808c6", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/41107", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/14750", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/25/10", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/25/9", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/2172", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12190", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file."}, {"lang": "es", "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en bin/winvlc.c de VLC Media Player v1.1.3 y anteriores permite a usuarios locales, y puede que atacantes remotos, ejecutar c\u00f3digo de su elecci\u00f3n y producir un ataque de secuestro de DLL, a trav\u00e9s de un troyano wintab32.dll que est\u00e1 ubicado en la misma carpeta que un fichero .mp3."}], "lastModified": "2023-11-07T02:05:48.373", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B56F960-8A00-4DC1-9F0E-1C1211A1F8DB", "versionEndIncluding": "1.1.3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10A23C59-433E-467A-9FDD-7D18CC1AC0AB"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35E2E373-13F6-405D-8866-ECADE118C2F3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B9447EA-6F39-4B10-A0E1-C094CF3E1BB3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9D2A6B8-B75C-42B5-962F-28DB013D65E3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BA4C098-F2B1-496E-B872-90774C7D105C"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C2006D-FA5A-4002-B81B-54FC35B46DB0"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC8DE917-7328-4D01-9736-0567963F4D17"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8197F279-8411-4E9A-9840-BCC625D636C1"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F7AF897-3B0C-4CA0-86C7-93C9AA26CD0B"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7B2C78E-8399-404C-97E5-CDAB93587757"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1D6BE69-725A-4CE1-BD42-D3FA10126BF3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CC1414B-3733-4B29-AC06-E6788E29C7ED"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBDEEC2D-8ACD-4C6B-944A-F0952498E511"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DC59E17-D647-4F91-B9B7-D9949921DFC9"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDC4F928-FD5D-4C11-BF39-B068A5630DF6"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "398EC30A-ABC6-4474-9516-63769F71E8A7"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86EB8260-DCAA-4261-BFF7-8FE3628CE13E"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F37BDFCB-3171-44A6-8F0A-0FCCCA876801"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A26CC61-7D20-4F99-A774-C5FF4AD1F249"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "069BA9C0-7B3F-4B6D-B433-2D618F826438"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B04A969-0645-41D4-AEA4-9AC47725F593"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "984C1ABC-B155-417A-AA0E-78B13A263650"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3913F6C0-22E2-4FFC-AFF6-417F286C36F5"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "205B275E-1E9E-4558-BD8B-1B3E3B349886"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA909414-DA30-4DAD-A342-3588B0840251"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "028CDDD1-BFB7-438F-811D-7549713F45E3"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97B959F2-501C-4365-88CD-8231BF36297E"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F5C7D12-3521-4398-AB5C-CBFB6A500DEE"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEFD6C6D-05FC-437E-92B7-848C9112FD42"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C45418-8946-4DFE-8D78-CBE3432600BF"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C5F3996-3AE2-4690-84A5-F258BC07596E"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12602EC1-07DE-4A40-9897-E7E6A23D4B42"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6726FF43-2330-444C-86F0-FB774F8470C8"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90D485D0-BBF8-4A0F-91A1-52835EF876A1"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC23A94C-3611-41BA-9043-22C477B8020B"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01118457-9068-48F7-B2A4-BABB354E1449"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB851F73-D444-4316-9AA0-4556068ADED2"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6221A983-B4AC-4646-A939-FAA021EE7F20"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1707178-C378-4098-8C97-CBFB5DD8B4ED"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46904EED-974A-4900-B676-DE298CB3ADE1"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4384C436-12AF-4051-B074-893BE6B4C7F2"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EC2CEE6-A2E1-437A-947F-608EB7987758"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C30A98A2-675A-4913-A425-2B9F8F06CEA8"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6A360E5-501E-4A97-94A0-620FC5B2627A"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2845107-7D0C-4F72-AF0C-0E059E923826"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18B68706-5A1F-479F-8A38-F93D98481F9C"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B32073-DBD5-4344-8498-A132B99807A8"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5330E5C4-BF18-498A-9AE2-1C57E2494AAF"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86D31A16-94EE-45D6-8C54-4F27D466A29E"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "117C896C-1C61-440E-B0F4-A871828CD095"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53C17E1A-2E3A-4765-92DE-55CFEE5E4CB0"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A218DA63-4334-4C9F-BB47-44CC00630613"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CD809FD-E893-4921-83CE-D34008670F8F"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F60ACBF-E7C6-4184-9B91-8ED3840A7BEA"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1925D17-564A-4D8C-87FB-D3C731FA0612"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70BD6170-AD0D-4E95-8998-8B5CE8F0E3AF"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B06DCD7-56C5-4B25-936E-07D766109FB8"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29AD31C5-B119-44EF-8627-2C480860BAD2"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "692C36B2-2A55-44EA-B80E-D7EDE384BA7D"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEAD1ED9-4FA1-47D9-87A0-9D6B4C6771DE"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8E2A762-C13C-4BDD-AD86-7A52609D693D"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0042DAC1-A91B-40A6-A379-9C345CF13E4B"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D13741F-8A82-44F6-8D73-98451A180529"}, {"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E52C6189-71F1-4A3A-BC08-94087AE1FCE6"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'", "sourceIdentifier": "cve@mitre.org"}