CVE-2010-4833

Name of the Vulnerable Software and Affected Versions GTK+ versions prior to 2.24.0

Description The issue is related to an untrusted search path vulnerability in the modules/engines/ms-windows/xp theme.c module. This allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory.

Recommendations For versions prior to 2.24.0, update to version 2.24.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable module to minimize the risk of exploitation. Avoid using the uxtheme.dll file in the current working directory until the issue is resolved.