PT-2010-1153 · Microsoft · Exchange Server 2010

Stefan Kanthak

·

Published

2010-08-31

·

Updated

2020-11-16

·

CVE-2010-3190

CVSS v2.0

9.3

High

Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Microsoft Visual Studio .NET 2003 SP1
Microsoft Visual Studio 2005 SP1
Microsoft Visual Studio 2008 SP1
Microsoft Visual Studio 2010
Microsoft Visual C++ 2005 SP1
Microsoft Visual C++ 2008 SP1
Microsoft Visual C++ 2010
Microsoft Exchange Server 2010 Service Pack 3
Microsoft Exchange Server 2013
Description The Microsoft Foundation Class (MFC) Library loads dwmapi.dll by file name rather than by a fully qualified path (CWE-426, untrusted search path). The Windows loader therefore walks the standard DLL search order, and when no dwmapi.dll is found in the application directory or the system directories (it is not part of Windows XP or Windows Server 2003), the search reaches the current working directory and loads whatever dwmapi.dll is there. An MFC application, for example the ATL Trace Tool (AtlTraceTool8.exe), that is started by opening a TRC, cur, rs, rct, or res file has the directory of that file as its current working directory, so placing a Trojan horse dwmapi.dll next to a lure file of one of those types in an attacker-controlled location (a local folder, an SMB share, or a WebDAV share) results in the DLL running with the privileges of the user who opened the file. Microsoft classifies this as a remote code execution vulnerability in applications built with MFC (aka "MFC Insecure Library Loading Vulnerability"): an attacker who convinces a user to open a lure file from a remote share can take complete control of the affected account, and of the system if that account is an administrator.
Recommendations Microsoft fixed the MFC Library in Security Bulletin MS11-025 (April 2011), which ships updated MFC components for Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1, 2008 SP1 and 2010, and updated Visual C++ 2005 SP1, 2008 SP1 and 2010 redistributable packages. Installing the redistributable update only fixes applications that link MFC dynamically; applications that link MFC statically must be rebuilt with the patched Visual Studio and redeployed. The Exchange Server 2010 SP3 and Exchange Server 2013 entries exist because those products ship MFC-based components; Microsoft addressed them through later Exchange 2010 SP3 update rollups and Exchange 2013 cumulative updates, so keep Exchange on a current rollup or CU. Where an affected application cannot be updated yet, apply the workarounds from Microsoft Security Advisory 2269637 and KB2264107: set the CWDIllegalInDllSearch registry value (system-wide under HKLM\SYSTEM\CurrentControlSet\Control\Session Manager, or per application under Image File Execution Options) to remove the current working directory from the DLL search path, at least for remote and WebDAV locations; block outbound SMB (TCP 139 and 445) and WebDAV at the perimeter so that a remote share cannot become a user's working directory; and treat TRC, cur, rs, rct and res files arriving from untrusted network locations as untrusted. Developers of MFC applications should additionally call SetDllDirectory("") at startup (or SetDefaultDllDirectories with LOAD_LIBRARY_SEARCH_DEFAULT_DIRS on systems that have KB2533623) and load system DLLs such as dwmapi.dll with a fully qualified path under %SystemRoot%\System32.
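The following PowerShell script is an added example and is not part of the PT-2010-1153 advisory or of Microsoft's guidance. It checks the two things the description and recommendations above turn on: whether the current working directory is still in the DLL search path on this host (SafeDllSearchMode and the KB2264107 CWDIllegalInDllSearch value), and whether a dwmapi.dll has been planted next to the lure file types named above (TRC, cur, rs, rct, res). It assumes an elevated PowerShell 3.0 or later session on the host being audited; $ScanRoots is a hypothetical list of folders to examine, set here to the places a user typically opens downloaded or shared files from.

```powershell
<#
Added example (not from the advisory): audit a Windows host for the DLL-preloading
conditions behind CVE-2010-3190.
Assumptions: run elevated, PowerShell 3.0+; $ScanRoots is a hypothetical list of
folders to scan for planted copies of dwmapi.dll.
#>
param(
    [string[]]$ScanRoots = @("$env:USERPROFILE\Downloads", "$env:PUBLIC")
)

$sessionMgr = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$props = Get-ItemProperty -Path $sessionMgr -ErrorAction SilentlyContinue

# SafeDllSearchMode = 1 (default since Windows XP SP2) searches System32 before the CWD.
# It does not remove the CWD: where Windows has no dwmapi.dll of its own, the CWD copy still wins.
$safeSearch = if ($null -ne $props.SafeDllSearchMode) { $props.SafeDllSearchMode } else { 1 }

# CWDIllegalInDllSearch (KB2264107): 0xFFFFFFFF drops the CWD from the search path entirely,
# 0x2 drops it for WebDAV and remote locations, 0x1 for remote locations only.
# Absent or 0 means the CWD is searched.
$cwdPolicy = $props.CWDIllegalInDllSearch
$cwdText = if ($null -eq $cwdPolicy) { 'not set (CWD is searched)' } else { '0x{0:X}' -f $cwdPolicy }
Write-Host "SafeDllSearchMode     : $safeSearch"
Write-Host "CWDIllegalInDllSearch : $cwdText"

# dwmapi.dll is a Windows system DLL; any copy outside %SystemRoot% deserves a look,
# especially one sitting beside a lure file of a type an MFC tool opens.
$lureExtensions = '.trc', '.cur', '.rs', '.rct', '.res'

$findings = foreach ($root in $ScanRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    Get-ChildItem -LiteralPath $root -Recurse -Filter 'dwmapi.dll' -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $dir   = $_.DirectoryName
            $lures = Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue |
                     Where-Object { $_.Extension.ToLower() -in $lureExtensions }
            # The genuine dwmapi.dll is Microsoft-signed; NotSigned or a foreign signer is the tell.
            $sig   = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                Path      = $_.FullName
                Signature = $sig.Status
                Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                LureFiles = ($lures | Select-Object -ExpandProperty Name) -join ', '
            }
        }
}

if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    Write-Host "No dwmapi.dll found under: $($ScanRoots -join ', ')"
}
```

Run it as `.\Check-MfcDllPreload.ps1 -ScanRoots '\\fileserver\shared', 'D:\Inbox'` (script name and paths are placeholders) to cover the shares users actually open files from. A host that reports CWDIllegalInDllSearch as "not set" with dwmapi.dll findings that are NotSigned and have lure files beside them matches the attack setup described above exactly.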

RCE

Untrusted Search Path


Weakness Enumeration

Related Identifiers

BDU:2019-00031
CVE-2010-3190

Affected Products

Exchange Server
Mfc Library
Exchange Server 2010
Exchange Server 2013
Visual C++ 2005
Visual C++ 2008
Visual C++ 2010
Visual Studio .Net 2003
Visual Studio 2005
Visual Studio 2008
Visual Studio 2010
Itunes