PT-2010-4638 · Tortoisesvn · Tortoisesvn

Published: 2010-09-10 · Updated: 2018-10-10 · CVE-2010-3199

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: TortoiseSVN versions 1.6.10 and earlier

Description: The issue allows local users, and possibly remote attackers, to execute arbitrary code through DLL hijacking with a Trojan horse dwmapi.dll. TortoiseProc and TortoiseMerge load this library in an insecure manner, so a user who opens a file associated with either program from a remote WebDAV or SMB share can be made to load an arbitrary dwmapi.dll placed alongside it. Successful exploitation requires that a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default configuration.

Recommendations: For TortoiseSVN versions 1.6.10 and earlier, consider disabling the file associations with TortoiseProc or TortoiseMerge until a patch is available. Restrict access to library files such as dwmapi.dll so that an untrusted copy cannot be planted where the application would load it. Avoid opening files associated with TortoiseProc or TortoiseMerge from remote WebDAV or SMB shares.
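The following PowerShell audit is an added example, not code from the advisory or from the TortoiseSVN project. It checks the two conditions the recommendations above address: whether any file extension is currently associated with TortoiseProc or TortoiseMerge, and whether a dwmapi.dll exists in the TortoiseSVN install directory or in any directory you pass in (for instance a share users open working-copy files from), reporting its Authenticode signature status. It assumes the default install path under Program Files and that the legitimate dwmapi.dll lives only in %SystemRoot%\System32; the share path in the usage line is a constructed placeholder.

```powershell
# Added audit script; not from the advisory or the TortoiseSVN project.
# Assumptions: TortoiseSVN's default install path below, and a legitimate
# dwmapi.dll living only in %SystemRoot%\System32.

function Test-TortoiseDllHijackExposure {
    param(
        # Extra directories to scan for a planted dwmapi.dll, e.g. a share
        # from which users open files (paths supplied by the caller).
        [string[]] $ScanDirs = @()
    )

    $tortoiseExes = @('TortoiseProc.exe', 'TortoiseMerge.exe')
    $installDir   = Join-Path $env:ProgramFiles 'TortoiseSVN\bin'   # assumed default

    # 1. File associations: collect every ProgId whose open command runs
    #    TortoiseProc or TortoiseMerge. HKCR merges machine and user classes.
    $hkcr = Get-ChildItem -Path 'Registry::HKEY_CLASSES_ROOT' -ErrorAction SilentlyContinue
    $flaggedProgIds = @{}
    foreach ($cls in $hkcr) {
        $cmdKey = "$($cls.PSPath)\shell\open\command"
        if (-not (Test-Path -LiteralPath $cmdKey)) { continue }
        $cmd = (Get-ItemProperty -LiteralPath $cmdKey -ErrorAction SilentlyContinue).'(default)'
        foreach ($exe in $tortoiseExes) {
            if ($cmd -and $cmd -match [regex]::Escape($exe)) { $flaggedProgIds[$cls.PSChildName] = $cmd }
        }
    }
    # Map extension keys (named ".ext") back to the flagged ProgIds.
    $associations = foreach ($cls in $hkcr) {
        if (-not $cls.PSChildName.StartsWith('.')) { continue }
        $progId = (Get-ItemProperty -LiteralPath $cls.PSPath -ErrorAction SilentlyContinue).'(default)'
        if ($progId -and $flaggedProgIds.ContainsKey($progId)) {
            [pscustomobject]@{ Extension = $cls.PSChildName; ProgId = $progId; Command = $flaggedProgIds[$progId] }
        }
    }

    # 2. A dwmapi.dll anywhere other than System32 is unexpected: check the
    #    install directory and each supplied directory, recording the signature.
    $expectedDll = Join-Path $env:SystemRoot 'System32\dwmapi.dll'
    $suspectDlls = foreach ($dir in (@($installDir) + $ScanDirs)) {
        $dll = Join-Path $dir 'dwmapi.dll'
        if (-not (Test-Path -LiteralPath $dll)) { continue }
        $sig = Get-AuthenticodeSignature -FilePath $dll
        [pscustomobject]@{
            Path      = $dll
            Signature = $sig.Status
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }

    [pscustomobject]@{
        Associations        = @($associations)
        SuspectDlls         = @($suspectDlls)
        ExpectedDllPath     = $expectedDll
        AssociationsPresent = (@($associations).Count -gt 0)   # the precondition for CVE-2010-3199
        SuspectDllFound     = (@($suspectDlls).Count -gt 0)    # evidence a library has been planted
    }
}

# Usage: audit the install directory plus a share users open files from
# (the UNC path below is a placeholder, not a real host).
Test-TortoiseDllHijackExposure -ScanDirs '\\fileserver-placeholder\projects' | Format-List
```

If AssociationsPresent is true, the installation is in the non-default configuration the advisory describes, and removing those associations (or upgrading past 1.6.10) is the fix; SuspectDlls with a signature status other than Valid, or a signer that is not Microsoft, should be treated as an incident and investigated rather than just deleted.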

Fix


Weakness Enumeration

Related Identifiers

CVE-2010-3199

Affected Products

Tortoisesvn