Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-3147 | First vendor Publication | 2010-08-27 |
Vendor | Cve | Last vendor Modification | 2023-12-07 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3147 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12352 | |||
Oval ID: | oval:org.mitre.oval:def:12352 | ||
Title: | Insecure Library Loading Vulnerability | ||
Description: | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3147 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6833 | |||
Oval ID: | oval:org.mitre.oval:def:6833 | ||
Title: | DEPRECATED: Untrusted search path vulnerability in Microsoft Address Book (wab.exe) 6.00.2900.5512 via a Trojan horse wab32res.dll | ||
Description: | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3147 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Microsoft Address Book |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-12-15 | Name : Microsoft Windows Address Book Remote Code Execution Vulnerability (2423089) File : nvt/secpod_ms10-096.nasl |
2010-10-22 | Name : Microsoft Windows Address Book Insecure Library Loading Vulnerability File : nvt/gb_ms_address_book_insecure_lib_load_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
67553 | Microsoft Windows Contacts Path Subversion Arbitrary DLL Injection Code Execu... Microsoft Windows Contacts is prone to a flaw in the way it loads dynamic-link libraries (e.g., wab32res.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a .contact, .group, .p7c, .vcf, or .wab file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-12-16 | IAVM : 2010-A-0173 - Microsoft Windows Address Book Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025845 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Address Book request for msoeres32.dll over SMB attempt RuleID : 18207 - Revision : 16 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows Address Book request for wab32res.dll over SMB attempt RuleID : 18206 - Revision : 17 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows Address Book msoeres32.dll dll-load exploit attempt RuleID : 18205 - Revision : 16 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows Address Book wab32res.dll dll-load exploit attempt RuleID : 18204 - Revision : 17 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-12-15 | Name : Arbitrary code can be executed on the remote host through Windows Address Book. File : smb_nt_ms10-096.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2023-12-07 21:28:04 |
|
2020-05-23 00:26:21 |
|
2019-02-26 17:19:33 |
|
2018-10-31 00:20:06 |
|
2018-10-13 00:22:59 |
|
2017-09-19 09:23:54 |
|
2016-08-31 12:02:15 |
|
2016-08-05 12:02:36 |
|
2016-06-28 18:17:50 |
|
2016-04-26 20:02:55 |
|
2014-02-17 10:57:03 |
|
2014-01-19 21:27:05 |
|
2013-11-11 12:38:53 |
|
2013-06-08 13:19:24 |
|
2013-05-10 23:31:11 |
|