Executive Summary

Informations
NameCVE-2010-3138First vendor Publication2010-08-27
VendorCveLast vendor Modification2013-07-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3138

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:7132
 
Oval ID: oval:org.mitre.oval:def:7132
Title: Indeo Codec Insecure Library Loading Vulnerability
Description: Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.
Family: windows Class: vulnerability
Reference(s): CVE-2010-3138
Version: 7
Platform(s): Microsoft Windows XP
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application1
Os1

OpenVAS Exploits

DateDescription
2012-02-15Name : MS Windows Indeo Codec Remote Code Execution Vulnerability (2661637)
File : nvt/secpod_ms12-014.nasl
2011-08-11Name : Microsoft Windows Insecure Library Loading Vulnerability (2269637)
File : nvt/gb_ms_insecure_lib_loading_vuln.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
67588Microsoft Windows Indeo Filter Path Subversion Arbitrary DLL Injection Code E...

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-02-16IAVM : 2012-B-0019 - Microsoft Indeo Codec Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031353

Snort® IPS/IDS

DateDescription
2014-01-10Multiple Vendors iacenc.dll dll-load exploit attempt
RuleID : 18532 - Revision : 6 - Type : OS-WINDOWS
2014-01-10Multiple Vendors iacenc.dll dll-load exploit attempt
RuleID : 18531 - Revision : 6 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

DateDescription
2012-02-14Name : Arbitrary code can be executed on the remote Windows host through the Indeo c...
File : smb_nt_ms12-014.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CERThttp://www.us-cert.gov/cas/techalerts/TA12-045A.html
EXPLOIT-DBhttp://www.exploit-db.com/exploits/14765
http://www.exploit-db.com/exploits/14788
MISChttp://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4956.php
MShttp://technet.microsoft.com/security/bulletin/MS12-014
OSVDBhttp://osvdb.org/67588
SECUNIAhttp://secunia.com/advisories/41114
VUPENhttp://www.vupen.com/english/advisories/2010/2190

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2014-02-17 10:57:03
  • Multiple Updates
2014-01-19 21:27:04
  • Multiple Updates
2013-11-11 12:38:53
  • Multiple Updates
2013-07-19 21:18:55
  • Multiple Updates
2013-05-10 23:31:09
  • Multiple Updates