CVE-2010-3134

Name of the Vulnerable Software and Affected Versions Google Earth version 5.1.3535.3218

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse quserex.dll that is located in the same folder as a .kmz file.

Recommendations For Google Earth version 5.1.3535.3218, consider restricting the execution of files from untrusted locations to minimize the risk of exploitation. As a temporary workaround, avoid using .kmz files from untrusted sources until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.