CVE-2010-3146

Name of the Vulnerable Software and Affected Versions Microsoft Groove 2007 SP2

Description The issue allows local users to gain privileges via a Trojan horse mso.dll or GroovePerfmon.dll file in the current working directory. This can be demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file.

Recommendations For Microsoft Groove 2007 SP2, consider restricting access to the mso.dll and GroovePerfmon.dll files to minimize the risk of exploitation. Avoid using directories that contain Groove vCard (.vcg) or Groove Tool Archive (.gta) files with potentially untrusted search paths until the issue is resolved.