CVE-2010-3129

Name of the Vulnerable Software and Affected Versions uTorrent versions 2.0.3 and earlier

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse plugin dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.

Recommendations For uTorrent versions 2.0.3 and earlier, update to a version later than 2.0.3 to resolve the issue. As a temporary workaround, consider restricting the execution of files from untrusted locations to minimize the risk of exploitation. Avoid opening .torrent or .btsearch files from untrusted sources until the issue is resolved.