PT-2010-5202 · Microsoft · Windows Movie Maker
Published
2010-12-16
·
Updated
2023-12-07
·
CVE-2010-3967
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows Movie Maker version 2.6
Description
The issue is related to an untrusted search path vulnerability, which allows local users to gain privileges. This can be achieved by placing a Trojan horse DLL in the current working directory, particularly in a directory containing a Movie Maker (MSWMM) file.
Recommendations
For Microsoft Windows Movie Maker version 2.6, consider restricting access to the current working directory to minimize the risk of exploitation until a patch is available.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Windows Movie Maker